mgetty and AutoPPP

Configuring pppd, mgetty, & AutoPPP

This FAQ has been adapted from a document written by Mick Dennis <mrdennis@bellatlantic.net>.

The mgetty configuration outlined here is valid for the following system:

pppd version 2.3.7 - ftp://cs.anu.edu.au/pub/software/ppp/
mgetty+sendfax version 1.0.0 - ftp://alpha.greenie.net/pub/mgetty/

Additional information on Mgetty+Sendfax can be found at the Mgetty+Sendfax Archive/Documentation Centre, located at http://alpha.greenie.net/mgetty/.

Kernel Configuration

You will need ppp support. Enabling such support is far beyond the scope of this document and is different for each flavor of operating system.

pppd Configuration

The directions are well written. You should have no trouble building.

First, do a:

./configure

To set up the makefiles.

Linux

If you are using the shadow package, you may find it necessary to edit pppd/auth.c and provide the correct path to the pwauth.h file.

Sun Solaris

Before doing a make, edit svr4/Makedefs. If you are compiling with gcc, it should look like the following:
#
# defines common to several Makefiles
#

INSTALL= /usr/sbin/install

BINDIR = /usr/local/bin
MANDIR = /usr/local/man
ETCDIR = /etc/ppp

#COPTS = -O -Xa -w

# For compiling with gcc, comment out the COPTS definition above and
# uncomment the next 2 definitions.
CC = gcc
COPTS = -O2

If you are using the shadow password package edit pppd/Makefile and add to the CFLAGS the -DHAS_SHADOW option.

Next you will need to setup the pppd options file (typically located in /etc/ppp). Read the pppd man pages for additional information on the semantics and syntax of the options file. Note that the ms-dns and ms-wins lines are optional (one or both may be omitted), and are only useful if you will be serving MS PPP clients.

asyncmap 0
crtscts
lock
mru 576
mtu 576
ms-dns <IP address of DNS server in dotted-decimal>
ms-wins <IP address of WINS server in dotted-decimal>
netmask <netmask in dotted-decimal>
passive
proxyarp
modem
usehostname

Also create an /etc/ppp/options.<ttyname> file (contains default options for the serial port being used, read after ~/.ppprc) for each port to assign an IP address to each end of the link. In forming the <ttyname> part of this filename, an initial /dev/ is stripped from the port name (if present), and any slashes in the remaining part are converted to dots (e.g. /dev/term/a=> options.term.a).

<server address>:<client address>

If your system normally has only one network interface, the default Solaris 2 system startup scripts will disable IP forwarding in the IP kernel module. This will prevent the remote machine from using the local machine as a gateway to access other hosts. The solution is to create an /etc/ppp/ip-up script containing something like this:

#!/bin/sh
#
# /etc/ppp/ip-up
#
# If your system normally has only one network interface, the default
# Solaris 2 system startup scripts will disable IP forwarding in the IP
# kernel module.  This will prevent the remote machine from using the
# local machine as a gateway to access other hosts.
#
# Under Solaris 2.6, the value 2 is invalid; use 1 instead.
# See the man page for ip(7p) for details.
/usr/sbin/ndd -set /dev/ip ip_forwarding 2

Under Solaris 2.6, the value 2 is invalid; use 1 instead. See the man page for ip(7p) for details.

In order to have clients authenticate using PAP against the system password database, create a pap-secrets file that contains the following:

# Secrets for authentication using PAP
# client        server                  secret          IP addresses
*               *                       ""              *

Create a user for the dialin account. Use pppd as the login shell. A typical passwd entry would look like:

pppuser:x:1201:10:PPP Dialup Account:/:/usr/local/bin/pppd

mgetty Configuration

An excellent program from Gert Doering. Capable of far more than simply AutoPPP, later version include callback support as well. Make certain that you read the documentation before attempting an install. Pay special attention to the tuning of policy.h for your system.

AutoPPP

In order to enable AutoPPP support in mgetty you will need to edit the CFLAGS in the makefile and add -DAUTO_PPP to the line in addition to any other changes that need to be made in order to compile for your system.

In addition to changes to the *.config files you will need to perform for your particular system and mode, you'll next want to edit the login.config file. Uncomment the AutoPPP line and edit it so that it reads:
/AutoPPP/       -       -       /usr/local/bin/pppd auth require-pap refuse-chap login
(Note: The second "-" causes the user's login name to appear in utmp/wtmp.)

Remove the 'proxyarp' option if you're using a standalone server or want you dialup users to remain local.

Callback

Setting up a callback system can be very useful for reversing line charges and for security purposes. Mgetty includes this functionality.

Make sure that your callback.config is appropraite for your setup (it is similar in syntax and structure to the mgetty.config and sendfax.config files.

Add an appropriate entry to the login.config file:

cback      -       -       /usr/local/sbin/callback 123-555-5555

In this example, entering a login name of "cback" will cause mgetty to immediately hang up and call the number 123-555-5555 and attempt a data connection. Note that callback does not require or check for a password.

A Win95 DUN script for handling callback connections is easy to write:

;
; This is a script file that demonstrates how to establish a PPP connection
; with a host that uses a callback system.
;
; Note that you must set your modem to always assert Carrier Detect (CD) for
; this script to operate properly; typically by adding "C1" (without the
; quotes) to the modem config.
;


; Main entry point to script
;
proc main

   ; -------------------------------------------------------------------------
   ; Change these variables to customize for your specific Internet service
   ; provider.

   ; Attempt to login at most 'nTries' times.
   integer nTries = 3

   ; This is the login prompt and timeout values.
   string szLogin = "ogin:"
   integer nLoginTimeout = 3

   ; This is the password prompt and timeout values

   string szPW = "ssword:"
   integer nPWTimeout = 3

   ; Timer values for modem command communication.
   integer nGuard = 1
   integer nATTimeout = 10

   ; Callback user account name.
   string szCallbackUser = "cback"
   
   ; The "pre-welcome" message sent by callback.
   string szPreWelcome = "onnection established, please wait..."
   ; Connection message.
   string szConnect = "ok"
   ; Use PAP authentication in conjunction with AutoPPP.
   boolean nUSE_AutoPPP = FALSE;

   ;
   ; -------------------------------------------------------------------------

   while 0 < nTries do
      ; Wait for the login prompt before entering the user ID, timeout
      ; after 'nLoginTimeout' seconds.
      waitfor szLogin then DoLogin until nLoginTimeout

      ; Attempt to wake up terminal.
      transmit "^M"
      nTries = nTries - 1
   endwhile

   ; Failed to get a 'login:' prompt, bail out.
   goto BailOut

DoLogin:
   ; Send callback user account name.
   transmit szCallbackUser, raw

   ; Send final <CR> to complete callback user account name, and kick off
   ; the callback process.
   transmit "^M"
   ; Wait for the line to drop.
   waitfor "NO CARRIER"
   transmit "AT E0 Q0^M"
   ; Wait for an incoming call.
   waitfor "RING"
   ; Pick up the line in answer mode.
   transmit "AT A^M"
   waitfor "CONNECT"
   waitfor szPreWelcome
   waitfor szConnect

   if nUSE_AutoPPP
     then goto Done
   endif

   while 0 < nTries do
      ; Wait for the login prompt before entering the user ID, timeout
      ; after 'nLoginTimeout' seconds.
      waitfor szLogin then DoLogin2 until nLoginTimeout
TryAgain2:
      ; Attempt to wake up terminal.
      transmit "^M"
      nTries = nTries - 1
   endwhile

   ; Failed to get a 'login:' prompt, bail out.
   goto BailOut

DoLogin2:
   ; Enter user ID

   transmit $USERID, raw
   transmit "^M"
   ; Wait for the password prompt 

   waitfor szPW until nPWTimeout
   if FALSE == $SUCCESS then
      goto TryAgain2
   endif

   ; Send the password

   transmit $PASSWORD, raw
   transmit "^M"
   goto Done

BailOut:
   ; Something isn't responding.  Halt the script
   ; and let the user handle it manually.

   set screen keyboard on
   halt

Done:
   delay 1

endproc

Make certain that the dialing modem on the Win95 system is set to always assert Carrier Detect (CD) or the DUN manager will termanate the script as soon as the remote system hangs up.

Edit your /etc/inittab file to reflect your hardware. Utilizing 8 ports of a Cyclades Cyclom board would look as follows:

s0:45:respawn:/usr/local/sbin/mgetty /dev/ttyC0
s1:45:respawn:/usr/local/sbin/mgetty /dev/ttyC1
s2:45:respawn:/usr/local/sbin/mgetty /dev/ttyC2
s3:45:respawn:/usr/local/sbin/mgetty /dev/ttyC3
s4:45:respawn:/usr/local/sbin/mgetty /dev/ttyC4
s5:45:respawn:/usr/local/sbin/mgetty /dev/ttyC5
s6:45:respawn:/usr/local/sbin/mgetty /dev/ttyC6
s7:45:respawn:/usr/local/sbin/mgetty /dev/ttyC7

However, using a modem attached to a standard serial interface under Slackware, the following would be needed:

s0:45:respawn:/usr/local/sbin/mgetty /dev/ttyS0
s1:45:respawn:/usr/local/sbin/mgetty /dev/ttyS1

On a Sun Solaris 2.5.1 box with modems on the A/B serial ports:

ya:234:respawn:/usr/local/sbin/mgetty term/a
yb:234:respawn:/usr/local/sbin/mgetty term/b

Note that you must provide the correct path to your mgetty executable, e.g. /usr/sbin/mgetty as well as the correct runlevel.

Force init to reload inittab. On a Solaris box, this would be done by issuing the command:

init q

You should see your modem(s) initialize.

Try dialing in from a remote machine. If the modem answers, then mgetty should be working.

Additional troubleshooting information (such as that related to in- or out-going faxes) is contained in the mgetty documentation. Read the mgetty and pppd documentation and use the debugging features to narrow down the problem - is it related to mgetty, or the PPP negotiation phase. Most problems will come from improper settings in the pppd options file or problems with authentication.

Creating a Win95 DUN Connection

First, open the Dial-Up Networking folder and start the wizard by double-clicking "Make New Connection"

Give it a name and select an appropriate device.
Enter the area code, phone number, and country code of the server's incoming modem line.
Click "Finish".
Open up the "Properties" dialog for the connection you just created and select the "Server Types" tab.
Set "Type of Dial-Up Server" to "PPP: Windows 95, Windows NT 3.5, Internet".
Under "Advanced options" uncheck everything. OPTIONAL: Check "Enable software compression". The connection should attempt to negotiate a compatible software compression mode during the call setup, and fall back to none if one cannot be negotiated. Some users have reported performance problems with using this option; however, hard technical data on the nature of the problem is in short supply.
Under "Allowed network protocols"
uncheck everything except "TCP/IP".
Under "TCP/IP Settings" select "Server assigned IP address", "Server assigned name server addresses", "Use IP header compression", and "Use default gateway on remote network".
All other settings should be left at the defaults.

When the Dial-Up Networking connection is opened, enter the username and password of the dialin connection account that was previously created. During the call, mgetty will detect the PPP negotiation and hand off to pppd, which will negotiate with the client the assigned IP address, gateway, DNS, and WINS servers - no scripting necessary.