Reviewed by:

svn path=/cvs2svn/branches/R093/; revision=6056

etc/ppp/ppp.conf.filter.sample

@@ -0,0 +1,49 @@
+#
+# $Id:$
+#
+# An example of packet filter definition.
+#
+#
+filterd:
+#
+# Don't dial with ICMP packet
+#
+ set dfilter 0 deny icmp
+ set dfilter 1 permit 0/0 0/0
+#
+# Allow ident packet pass through
+#
+ set ifilter 0 permit tcp dst eq 113
+ set ofilter 0 permit tcp src eq 113
+#
+# Allow telnet connection to the Internet
+#
+ set ifilter 1 permit tcp src eq 23 estab
+ set ofilter 1 permit tcp dst eq 23
+#
+# Allow ftp access to the Internet
+#
+ set ifilter 2 permit tcp src eq 21 estab
+ set ofilter 2 permit tcp dst eq 21
+ set ifilter 3 permit tcp src eq 20 dst gt 1023
+ set ofilter 3 permit tcp dst eq 20
+#
+# Allow access to DNS
+#
+ set ifilter 4 permit udp src eq 53
+ set ofilter 4 permit udp dst eq 53
+#
+# Allow access from/to my company network
+#
+ set ifilter 5 permit 192.244.191.0/24 0/0
+ set ofilter 5 permit 0/0 192.244.191.0/24
+#
+# Allow ping and traceroute response
+#
+ set ifilter 6 permit icmp
+ set ofilter 6 permit icmp
+ set ifilter 7 permit udp dst gt 33433
+ set ofilter 7 permit udp dst gt 33433
+#
+# If none of above rules matches, then packet is blockd.
+#

etc/ppp/ppp.conf.iij

@@ -0,0 +1,72 @@
+#############################################################################
+#
+#  Examples to connect to IIJ Dialup PPP service
+#
+#	1) On IIJ servive, both user side and server side address can
+#	   not be predicted by a customer. In this circumstance, you need
+#	   some trick to use on-demand dialup. See iij-demand for example.
+#
+#       2) IIJ has 3 kinds of authentication method; getty, PAP and CHAP.
+#	   In all cases, you can use same username and password assigned
+#	   from IIJ.
+#
+#  $Id:$
+#
+#############################################################################
+#
+#  Very simple case. Note that this example automatically dials into IIJ.
+#  Please be sure to check phone number to access nearest location.
+#
+#	% ppp iij
+#
+iij:
+ set phone 0332425701
+ set authname MyUserName
+ set authkey  MyPassword
+ set login "TIMEOUT 5 login:-\\r-login: \\U word: \\P PPP"
+ set timeout 0
+ dial
+#
+#  If you prefer to use PAP authentification, use this one.
+#
+#	% ppp iij-pap
+#
+iij-pap:
+ set phone 0332425701
+ accept pap
+ set authname MyUserName
+ set authkey  MyPassword
+ set login "TIMEOUT 5 login:-\\r-login:"
+ set timeout 0
+ set openmode active
+ dial
+#
+#  Use "% ppp iij-chap" for CHAP authentification
+#
+iij-chap:
+ set phone 0332425701
+ accept chap
+ deny pap
+ set authname MyUserName
+ set authkey  MyPassword
+ set login "TIMEOUT 5 login:-\\r-login:"
+ set timeout 0
+ set openmode active
+ dial
+#
+# Here, we assume that IIJ server has 192.244.177.2 as their address.
+# This assumption may not be correct, but we'll fix it later.
+# Also, take a look at ppp.linkup.
+#
+#	% ppp -auto iij-demand
+#
+# Use dummy ping to generate a call to IIJ.
+#
+#	% ping 192.244.177.2
+#
+iij-demand:
+ set debug lcp
+ set phone 0355118852
+ set login "TIMEOUT 5 login:-\\r-login: MyUserName word: MyPassword PPP"
+ set ifaddr 0 192.244.177.2/20
+ add 0 0 192.244.177.2

etc/ppp/ppp.conf.sample

@@ -0,0 +1,125 @@
+#################################################################
+#
+#  	PPP  Sample Configuration File
+#
+#	  Written by Toshiharu OHNO
+#
+# $Id:$
+#
+#################################################################
+#
+# Default setup. Executed always when PPP is invoked.
+#
+default:
+ set device /dev/tty01
+ set speed 38400
+ disable lqr
+ deny lqr
+ set dial "ABORT BUSY ABORT NO\\sCARRIR TIMEOUT 5 \"\" AT OK-AT-OK \\dATDT\\T TIMEOUT 40 CONNECT"
+#
+# Example with login script
+#   o From PPP prompt,
+#	ppp> dial simplesite
+#     will automatically dials and perform login procedure.
+#
+#       ppp> load simplesite
+#     will also load and execute commands, but don't dial.
+#
+#   o From shell, invoke as
+#       % ppp simplesite
+#     will load commands associated with the label. Use,
+#       ppp> dial
+#     to establish the connection.
+#
+simplesite:
+ set phone 12345678
+ set login "TIMEOUT 5 login:-\\r-login: ppp word: ppp"
+ set timeout 120
+#
+# If peer reqires to use CHAP, don't forget to supply authname and authkey.
+#
+# If you'd like to use CHAP to authentificate peer, comment out the line
+# ``enable chap'' below. You also need to prepare /etc/ppp.secret.
+#
+# If remote system sends its system name within CHAP packet and it is
+# found in /etc/ppp.secret, then secret key is taken from the file and
+# value of authkey is ignored.
+#
+chapsite:
+ set phone 12345678
+ set login "TIMEOUT 5 login:-\\r-login: ppp word: ppp"
+ deny pap
+ accept chap
+# enable chap
+ set authname MySystemName
+ set authkey  OurSecretKey
+#
+# To speak PAP is just smilar to CHAP
+#
+papsite:
+ set phone 12345678
+ set login "TIMEOUT 5 login:-\\r-login: ppp word: ppp"
+ deny chap
+ accept pap
+# enable pap
+ set authname MyUserName
+ set authkey  MyPassword
+#
+# On demand dialup example
+#  Here, we assume that local side use 192.244.185.226 and
+#  remote side use 192.244.176.44 as their IP address.
+#  You must supply -auto option to invoke PPP.
+#
+#  ex. % ppp -auto ondemand
+#
+ondemand:
+ set phone 1234567
+ set login "TIMEOUT 5 login:-\\r-login: ppp word: ppp"
+ set timeout 120
+ set ifaddr 192.244.185.226 192.244.176.44
+ add 0 255.255.255.0 192.244.176.44
+#
+# Another on demand example
+#  If peer assign some IP address for us, and we can't predict it
+#  until we make a connection, use 0 as local side address.
+#
+pmdemend:
+ set phone 1234567
+ set login "TIMEOUT 5 login:-\\r-login: ppp word: ppp"
+ set timeout 120
+ set ifaddr 0 192.244.176.44
+ add 0 255.255.255.0 192.244.176.44
+#
+# Example to validate incoming user with CHAP
+#  Invod as ``ppp -direct users'' from login script. User's system name
+#  and secret-key must be registered into /etc/ppp.secret.
+#  IP address assigned to peer is registered in ppp.secret, then that
+#  value is used and value in ``ifaddr'' command has no effect.
+#
+users:
+ disable pap
+ enable chap
+ set authname ppp-server
+ set ifaddr 192.244.176.44 292.244.184.31
+#
+# Example of Callback Request
+#
+#  Here, we assume that peer will hangup the line and initiates a callback
+#  after successful authentification. We simply use chat script capabiluty
+#  and wait for a "NO CARRIRER" response from our modem.
+#
+#  % ppp callback
+#
+callback:
+ set phone 0312345678
+ set login "ABORT NO\\sCARRIER TIMEOUT 5 login:-\\r-login: MyName word: MySecret TIMEOUT 20 DUMMY"
+ set debug phase chat
+ dial
+ quit
+#
+# Example for PPP/TELNET and PPP/TCP. Read doc for further details
+#
+ppptelnet:
+ set escape 0xff
+ppptcp:
+ set device 192.244.191.33:2400

etc/ppp/ppp.linkup.sample

@@ -0,0 +1,37 @@
+#########################################################################
+#
+#          Example of ppp.linkup file
+#
+#
+#  This file is checked when PPP establishes network level connection.
+#  PPP command seaches label in this file in following way and order.
+#
+#  1) At first, IP address assigned into our side is serched and execute
+#     associated command.
+#
+#  2) If it didn't found, then label name specified at startup time is
+#     searched.
+#
+#  3) If given label name is not found, then label MYADDR is serched.
+#
+# $Id:$
+#
+#########################################################################
+#
+# If we've got 192.244.176.32 as our address, then regard peer as a gateway
+# to 192.244.176.0 network.
+#
+#192.244.176.32:
+# add 192.244.176.0 255.255.255.0 HISADDR
+#
+# If we are invked with an argument ``iij-demand'', then
+# delete existing route entry and add peer as default gateway.
+#
+iij-demand:
+ delete ALL
+ add 0 0 HISADDR
+#
+# Otherwide, simply add peer as default gateway.
+#
+MYADDR:
+ add 0 0 HISADDR

etc/ppp/ppp.secret.sample

@@ -0,0 +1,8 @@
+##################################################
+# Sysname	Secret Key	Peer's IP address
+#
+# $Id:$
+#
+##################################################
+oscar		OurSecretKey	192.244.184.34/24
+BigBird		X4dWg9327	192.244.184.33/32