Ghosting onto the Net
Next, I acquired and set up the dialer daemon, diald. This handy-dandy piece of software waits until it sees an IP packet destined for the Internet and, if the ppp connection is not up, automatically starts the ppp daemon, which then connects to the Internet.
This package can be obtained from http://www.dna.lth.se/~erics/diald.html. A word of caution—the latest version of diald is 0.16. I am using 0.14. I've tried 0.15, but it had problems reconnecting once I terminated a connection. I have not had time to test out version 0.16. Version 0.14 works just fine for me. If you are interested in upgrading to the latest and greatest diald, send me e-mail, and I'll let you know if it works now. I should have it tested by the time this article is published. Just follow the included instructions to build and install diald.
Once I installed diald, I created some scripts to bring it up and down easily. The script to bring it up is called /etc/ppp/diald-up and appears in Listing 4 with plenty of comments.
Since this script is somewhat obscure, I will cover it in more detail. The route command is used to tell the network software how to get from your computer to other computers and networks. Normally there is a default route the network software uses when it can't find another suitable route in the routing table. To view your routing table, use the netstat -rn command. For more information see the netstat man page.
The first command in Listing 4 removes the default route in order to make sure it is free for diald or the ppp daemon to use. This removal is necessary, since sometimes diald and ppp won't re-assign the default route if one is already assigned.
The second command starts the dialer daemon. (For more details refer to the diald man page.) To use this line in your script, you will need to change three items:
the communications device /dev/cua0
the local address 10.10.10.1
the remote address 192.168.1.2
If you have a fixed IP address, you'll also need to remove the dynamic switch line from the script.
The third, fourth and fifth commands are used to set up the firewall. These commands have to be run after the dialer daemon is started, because the firewall does the masquerading from the network out to the Internet via the default route. Whenever a packet needs to leave via the default route, the dialer daemon senses it and makes a connection to the Internet using the ppp daemon.
I also have a script to shut down the dialer daemon gracefully. I call it /etc/ppp/diald-down and the source appears in Listing 5.
You can communicate with the dialer daemon through a named pipe, which is specified on the diald command line in the diald-up script. I use the recommended name /etc/diald.fifo. This named pipe allows you to change various parameters of the program while it is running and to gracefully exit the program without resorting to the kill command.
The first command in Listing 5 tells the dialer daemon to clean up and get out. The second command resets the default route back to the Ethernet card.
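Because any user who can write to the named pipe can control diald, it is worth checking the pipe's type, owner and mode before sending it a command. The following is an added example, not one of the article's listings: the function names are hypothetical, and the command names are assumed from the diald man page and should be checked against your installed version.

```shell
#!/bin/sh
# Added example (not from the article): vet diald's control FIFO, then send
# it one command. Function names are hypothetical.

# fifo_is_safe PATH UID: true only if PATH is itself a named pipe (not a
# symlink to one), is owned by UID, and is not group- or world-writable.
fifo_is_safe() {
    fifo=$1 want_uid=$2
    listing=$(ls -ldn -- "$fifo" 2>/dev/null) || return 1
    mode=$(printf '%s\n' "$listing" | awk '{print $1}')
    owner=$(printf '%s\n' "$listing" | awk '{print $3}')
    case $mode in
        p????-??-?*) ;;        # 'p' = FIFO; '-' in group and other write slots
        *) return 1 ;;
    esac
    [ "$owner" = "$want_uid" ]
}

# diald_cmd_ok CMD: accept only a fixed set of control commands
# (assumed from the diald man page; verify for your version).
diald_cmd_ok() {
    case $1 in
        quit|delay-quit|block|unblock|force|unforce|up|down|reset) return 0 ;;
        *) return 1 ;;
    esac
}

# diald_send PATH CMD [UID]: write CMD to the FIFO only if both checks pass.
# UID defaults to 0 (root). Returns 2 for a rejected command, 3 for an
# unsafe FIFO. Opening the FIFO blocks until diald has it open for reading.
diald_send() {
    send_fifo=$1 send_cmd=$2 send_uid=${3:-0}
    diald_cmd_ok "$send_cmd" || {
        echo "refusing unknown command: $send_cmd" >&2; return 2; }
    fifo_is_safe "$send_fifo" "$send_uid" || {
        echo "refusing unsafe FIFO: $send_fifo" >&2; return 3; }
    printf '%s\n' "$send_cmd" > "$send_fifo"
}

# Example: diald_send /etc/diald.fifo quit
```

If the check fails on a real system, recreate the pipe as root with mode 600 before starting diald.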
To test the diald script, execute tail -f /var/log/messages in one virtual console, and in another type ping 220.127.116.11 to ping sun.com. After typing the ping command, you can toggle back over to the first console and watch diald spit out status messages. These status messages tell you if diald dials your modem and activates pppd correctly. If ppp appears to connect properly, you can toggle back over to the other console and see if the ping is returned. If not, don't panic—just break out of it using a Ctrl-C and try again. Sometimes packets get dropped when diald is switching the route from the slip interface to the ppp interface.
I used the IP address in the above commands on the assumption that you do not have a name server running on your machine. If you are interested in getting a name server up and running on your machine—something I recommend—a couple of good sources of information are the DNS HOWTO and the Linux Network Administrator's Guide by Olaf Kirch.
Next I created an appear script. The appear script causes diald to connect to the Internet, then sends an indication of where the server can be reached to the desired location. I created a script called /etc/ppp/appear to do the work. This script appears in Listing 6.
Last, I added an entry to the /etc/crontab file. This file is used by the cron daemon to determine what to run when. (For more information on cron take a gander at the cron man page.) This is the line I added:
30 07 * * 1-5 root /etc/ppp/appear
This entry tells the cron daemon to start your appear script Monday through Friday at 7:30 AM. The appear script needs to be started this way only once per day; it will then restart itself whenever the time is right.
After completing all these steps, I was set up to ghost on and off the Internet, and if you've been following these steps, you will be ready too.