lf192, System Administration: �� Internet

�� : English Castellano Deutsch Francais Nederlands Russian Turkce

�� Guido Socher

�� :

Guido �� Linux. �� -�� , �� -�� Linux.

��:

��
�� pppd
DNS proxy
��
Trouble shooting
��
��

�� Internet

��:

�� �� ISP �� Linux � �� .
�� Internet, �� , ��, �� Internet �� . ��, �� - �� DNS proxy (DNS forwarding) � IP masquerading �� Linux.

��

� �� Internet �� . �� ISP �� . �� - �� . � �� "Internet by Call". �� -�� . �� . �� , �� Internet. �� Internet �� . �� "Internet by Call" �� , �� , �� . �� , �� Internet ��.

�� , �� - point-to-point (PPP). �� Linux �� pppd, �� . �� , �� , � �� , �� . �� ISP � �� :

�� IP ��
�� DNS
chap �� pap ��
�� http �� proxy

�� . ��, �� - �� , �� .

�� IP masquerading �� Linux �� Internet �� ppp-��. �� , �� Linux.

�� IP masquerading � �� :

�� DNS ��, �� .
�� ISP, �� . �� .

�� 1) �� DNS proxy dnrd � 2) cgi �� web �� (screenshot) � �� .

�� pppd

�� pppd �� /etc/ppp � �� root. �� root'��. �� . �� root'�, �� -�� .

�� pppd :

/etc/ppp/options : ��, �� ISP
/etc/ppp/pap-secrets : �� pap ��
/etc/ppp/ip-up : ��, �� PPP-��
/etc/ppp/ip-up : ��, �� PPP-��
/etc/ppp/peers/ : �� , �� ISP

�� ppp.tar.gz, �� /etc, �� ppp � �� . �� /etc/ppp �� :

cd /etc
mv ppp ppp_old
tar zxvf ppp.tar.gz

�� . �� . (�� : ��-�� . �� . �� web ��.)

�� ISP arcor :

# This is /etc/ppp/peers/arcor
# Home page of the ISP arcor: http://www.arcor-online.de/
#----------
# serial device and modem speed (normally 38400 or 57600):
/dev/modem 57600
# modem dial-out script with phone number:
connect '/etc/ppp/scripts/ppp-on-dialer-pap 0192070'
# specific options, common options are
# read from /etc/ppp/options
noipdefault
# tell pppd to use this users name for PAP authentication:
user arcor
# try dynamic dns:
usepeerdns
#

��, �� # - ��. �� (/dev/modem) �� . �� softlink � ��, �� (/dev/ttyS0 �� /dev/ttyS1):

cd /dev
ln -s ttyS0 modem

57600 - �� , �� . ��, �� "connect" �� (/etc/ppp/scripts/ppp-on-dialer-pap) �� AT ��. �� . ��, �� (0192070) - �� .
�� noipdefault �� IP ��, � usepeerdns - �� DNS, �� - �� ISP �� IP �� 1 � 2 DNS ��, �� /etc/ppp/ip-up script �� DNS1 � DNS2.

�� resolver �� /etc/resolv.conf. �� (/etc/resolv.conf) �� netscape, sendmail... �� DNS ��. � �� ip-up �� /etc/resolv.conf.

��, �� (0192070, �� ), �� , �� pppd. � �� /etc/ppp/options. �� man page pppd. �� (arcor). �� (�� ) :
login name: arcor
password: internet

�� /etc/ppp/pap-secrets, � �� /etc/ppp/peers/arcor. �� /etc/ppp/pap-secrets:

# This is /etc/ppp/pap-secrets
# client server secret IP-addr
arcor * internet 0.0.0.0

�� . �� :

pppd call arcor

arcor � �� - �� /etc/ppp/peers/
�� online. � �� /sbin/ifconfig �� ppp0. �� /sbin/ifconfig �� . �� linuxfocus.org.

�� :

killall pppd

�� . �� . �� �� , ��  ISP. �� -�� -�� , �� shooting section � �� .

� �� . �� :

�� /etc/ppp/peers/arcor � ��
��
�� /etc/ppp/pap-secrets

�� .

�� . �� , �� . � �� Set-UID perl �� Internet �� (�� root'��).

Set-UID - ��, �� . �� , �� . �� ppp.tar.gz, �� . � �� "s" � �� - root :

> cd /etc/ppp/scripts
> ls -al ppp-on ppp-off
-rwsr-sr-x 1 root root 1258 Jan 7 13:24 ppp-off
-rwsr-sr-x 1 root root 2619 Jan 9 20:30 ppp-on

�� , �� :
chmod 6755 ppp-off ppp-on.
�� - pppd call some-config-file �� killall pppd. �� , �� . �� ppp-on �� ISP �� DNS. �� . �� :

���������� ���������� :
/etc/ppp/scripts/ppp-on arcor
��������� Internet ���������� :
/etc/ppp/scripts/ppp-off

�� . arcor - �� /etc/ppp/peers/. �� -��.

�� . Cgi-�� - �� . �� cgi-�� . �� .

�� Linux � �� -�� apache. �� pppcontrol.gz � �� cgi �� -�� (�� /home/httpd/cgi-bin/), �� chmod 755 pppcontrol � �� $url. �� url �� . ��, �� , �� IP �� :

$url="http://127.0.0.1/cgi-bin/pppcontrol";

Cgi-�� pppcontrol �� /etc/ppp/gpppwrap.conf, �� :

ppponarg: <agument_to_pass_to_ppp_on> - some additional comment string

�� (-) � �� - ��, �� pppcontrol, �� /etc/ppp/scripts/ppp-on. �� "arcor" � "talknet" � /etc/ppp/peers :

# This is /etc/ppp/gpppwrap.conf
ppponarg: arcor -- arcor.net 3pf/min
ppponarg: talknet -- internet by call 3.5pf/min

�� : �� 3pf/min � 3.5pf/min �� .

�� , �� , �� /�� ISP, �� .
�� ISP �� .

DNS proxy

� �� . �� DNS �� , �� /etc/resolv.conf �� .
�� IP masquerading �� , �� /etc/resolv.conf �� . �� Windows, �� , �� DNS �� . �� - DNS proxy. �� DNS �� DNS server �� , � �� , �� DNS �� ISP. �� Bind-DNS �� , �� .
�� dnrd. �� .
network with IP
masquerading

�� dnrd �� Linux � �� IP �� (192.168.0.1) � �� DNS �� .

�� dnrd �� :

unapck it:
tar zxvf dnrd-2.8.tar.gz
cd dnrd-2.8/src/
compile it:
make
strip dnrd
install it:
cp dnrd /usr/local/sbin/
create the empty directory /etc/dnrd/ :
mkdir /etc/dnrd/

�� DNS proxy dnrd (195.50.149.33 � 195.50.140.6 - DNS �� ISP) :

when the ppp-link becomes active:
dnrd -s 195.50.149.33 -s 195.50.140.6
when you terminate the connection you run:
dnrd

� �� dnrd �� /etc/ppp/ip-up � /etc/ppp/ip-down, �� dnrd � �� /usr/local/sbin/.

dnrd �� . �� DNS �� . �� Unix - �� /etc/host.conf
order hosts, bind
�� /etc/hosts . � �� Windows. �� dnrd �� /etc/hosts �� - �� DNS �� . �� !

�� /etc/hosts :

# syntax:
# ip-addr hostname alias1 alias2 ...
# example:
192.168.0.1 linuxpc.mynet linuxpc
192.168.0.2 peppermint.mynet pepper mint

dnrd �� http://linuxpc.mynet/ �� http://linuxpc/ �� http://192.168.0.1/

�� dnrd �� DNS proxy, �� DNS �� . ��

daemon /usr/local/sbin/dnrd

� �� start �� /etc/rc.d/init.d/network (�� redhat, mandrake... �� ).

�� . �� Internet �� , �� ISP. �� cgi-�� pppcontrol.

��

�� dnrd � �� DNS proxy, �� /etc/ppp/ip-up � /etc/ppp/ip-down �� /etc/resolv.conf. �� , ��
echo .....> /etc/resolv.conf
��
cat > /etc/resolv.conf << ENDOFCAT
...
ENDOFCAT
�� DNS ��

# This is /etc/resolv.conf when dnrd is running
nameserver 127.0.0.1

�� DNS proxy � �� nslookup:

>nslookup
Default Server:  localhost
Address:  127.0.0.1

>pepper
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    peppermint.mynet
Address:  192.168.0.2

�� nslookup (crtl-d).

Trouble shooting

� �� , �� pppd. �� . � �� , �� .

��, � �� pppd - �� (/dev/modem �� /dev/ttyS0) �� /etc/ppp/scripts/ppp-on-dialer-pap. �� , � �� , �� AT ��, � �� ISP. �� - �� /etc/ppp/connect-errors. � �� . �� - �� AT. �� - minicom (�� Linux) �� cu (�� uucp) �� kermit (http://www.columbia.edu/kermit/ck70.html). �� . �� AT �� "OK". �� - �� , �� .�. �� "OK" - �� ATDT1234. �� 1234. �� - �� . �� ATD1234 (�� T)...

�� ISP �� . �� /etc/syslog.conf �� ";daemon.debug " � ��, �� /var/log/messages :

*.info;mail.none;authpriv.none;daemon.debug   /var/log/messages

�� syslog :
/etc/rc.d/init.d/syslog restart
�� "debug" �� /etc/ppp/options (�� , �� Setting up pppd). �� :

tail -f /var/log/messages

� �� ISP.

�� :

Jan 14 17:18:11 bearix pppd[721]: pppd 2.3.10 started by root, uid 0
Jan 14 17:18:34 bearix pppd[721]: Serial connection established.
Jan 14 17:18:34 bearix pppd[721]: Using interface ppp0
Jan 14 17:18:34 bearix pppd[721]: Connect: ppp0 <--> /dev/modem
Jan 14 17:18:35 bearix pppd[721]: sent [LCP ConfReq id=0x1 ]
Jan 14 17:18:37 bearix pppd[721]: rcvd [LCP ConfReq id=0x46 ]
Jan 14 17:18:37 bearix pppd[721]: sent [LCP ConfNak id=0x46 ]
Jan 14 17:18:38 bearix pppd[721]: rcvd [LCP ConfReq id=0x47 ]
Jan 14 17:18:38 bearix pppd[721]: sent [LCP ConfAck id=0x47 ]
Jan 14 17:18:38 bearix pppd[721]: sent [LCP ConfReq id=0x1 ]
Jan 14 17:18:38 bearix pppd[721]: rcvd [LCP ConfAck id=0x1 ]
Jan 14 17:18:38 bearix pppd[721]: sent [PAP AuthReq id=0x1 user="arcor" password="internet"]
Jan 14 17:18:40 bearix pppd[721]: rcvd [LCP ConfReq id=0x49 ]
Jan 14 17:18:40 bearix pppd[721]: sent [LCP ConfReq id=0x2 ]
Jan 14 17:18:40 bearix pppd[721]: sent [LCP ConfAck id=0x49 ]
Jan 14 17:18:41 bearix pppd[721]: rcvd [LCP ConfAck id=0x2 ]
Jan 14 17:18:41 bearix pppd[721]: rcvd [CHAP Challenge id=0x5 <0c7672840494152025f937ac4f5e135e>, name = "klndiinternet"]
Jan 14 17:18:41 bearix pppd[721]: sent [CHAP Response id=0x5 , name = "arcor"]
Jan 14 17:18:41 bearix pppd[721]: rcvd [CHAP Success id=0x5 ""]
Jan 14 17:18:41 bearix pppd[721]: sent [IPCP ConfReq id=0x1 ]
Jan 14 17:18:41 bearix pppd[721]: sent [CCP ConfReq id=0x1 ]
Jan 14 17:18:41 bearix pppd[721]: rcvd [IPCP ConfReq id=0x8e ]
Jan 14 17:18:41 bearix pppd[721]: sent [IPCP ConfAck id=0x8e ]
Jan 14 17:18:41 bearix pppd[721]: rcvd [IPCP ConfRej id=0x1 ]
Jan 14 17:18:41 bearix pppd[721]: sent [IPCP ConfReq id=0x2 ]
Jan 14 17:18:41 bearix pppd[721]: rcvd [LCP ProtRej id=0xfb 80 fd 01 01 00 0f 1a 04 78 00 18 04 78 00 15 03 2f]
Jan 14 17:18:41 bearix pppd[721]: rcvd [IPCP ConfNak id=0x2 ]
Jan 14 17:18:41 bearix pppd[721]: sent [IPCP ConfReq id=0x3 ]
Jan 14 17:18:41 bearix pppd[721]: rcvd [IPCP ConfAck id=0x3 ]
Jan 14 17:18:41 bearix pppd[721]: local IP address 145.253.88.6
Jan 14 17:18:41 bearix pppd[721]: remote IP address 145.253.1.150
Jan 14 17:18:41 bearix pppd[721]: primary DNS address 145.253.2.11
Jan 14 17:18:41 bearix pppd[721]: secondary DNS address 145.253.2.75
Jan 14 17:18:41 bearix pppd[721]: Script /etc/ppp/ip-up started (pid 723)
Jan 14 17:18:42 bearix pppd[721]: Script /etc/ppp/ip-up finished (pid 723), status = 0x0

�� ppp. � �� , �� - "sent ... ConfReq" �� , "rcvd ... ConfAck" - ��, "rcvd ... ConfRej" - ��. �� - �� IP �� IP �� .

�� , �� . �� . �� -�� -�� , �� -�� - �� ISP. ��, �� .

��

�� , ��, ��.
�� , �� : ppp.tar.gz, pppcontrol.gz, dnrd-2.10.tar.gz
�� DNS proxy dnrd: http://members.home.com/garsh/dnrd/ �� dnrd-2.10, �� LinuxFocus : dnrd-2.10.tar.gz
ppp ��, �� - �� gpppwrap. gpppwrap, �� gtk+ GUI. gpppwrap �� : http://main.linuxfocus.org/~guido/
��, �� , �� . ��, � �� Masqdialer �� .

��

� �� . �� .

talkback page

Webpages maintained by the LinuxFocus Editor team
© Guido Socher, FDL
LinuxFocus.org
Click here to report a fault or send a comment to LinuxFocus

Translation information:

en	->	--	Guido Socher
en	->	ru	Kirill Poukhliakov

2001-02-24, generated by lfparser version 2.8

������������� ������ ����������� ��� ������� � Internet

��������

��������� pppd

DNS proxy

�������������

Trouble shooting

������

�������� �������

�� Internet

��

�� pppd

��

��

��