PPP connection with call-back

Post by Javier Martin Rued » Fri, 23 May 1997 04:00:00



Hello. I want to make a PPP connection between two sites using call-back
for better security, so that I can only access the remote site from a
set of specified telephone numbers.

Has anybody used any of the FreeBSD packages to do that?

 
 
 

Post by Brian Some » Sat, 24 May 1997 04:00:00




> Hello. I want to make a PPP connection between two sites using call-back
> for better security, so that I can only access the remote site from a
> set of specified telephone numbers.
>
> Has anybody used any of the FreeBSD packages to do that?

It's possible in theory with ppp, but I've never tried it.
If you do get it to work, an update to the handbook would be
great (nudge nudge:).

--

      <http://www.awfulhak.org>
Don't _EVER_ lose your sense of humour !

 
 
 

Post by Javier Martin Rued » Wed, 28 May 1997 04:00:00


Hi. It's me again :-)

I worked a little bit on this issue (establishing a PPP callback
connection) and this is what I've got. Of course, this is a very simple
and straightforward solution that is enough for me. It should be made
more general, better protected against unexpected errors, etc, but I'm
sending it here so that anyone who is interested can try it right
now. When I get more time, I'll try to make it more generic and document
it in the FAQ or Handbook (if anybody else has done it before :-) ).
By the way, I'm using ijppp. It works this way:

I want to make a PPP callback connection between these two machines, so
that machine A calls machine B, authenticates, and then machine B
returns the call to machine A:

machine A: IP address of PPP interface: 10.0.25.1. Phone: 555-1111.
machine B: IP address of PPP interface: 10.0.26.1. Phone: 555-2222.

In machine A, this is my configuration:

File /etc/ppp/ppp.conf:

====
default:
 set device /dev/modem
 set speed 115200
 disable lqr
 deny lqr

pppcb:
 set ifaddr 10.0.25.1 10.0.26.1
 set timeout 450
 set afilter 0 permit 0/0 0/0
 set ifilter 0 permit 0/0 0/0
 set ofilter 0 permit 0/0 0/0
 set dfilter 1 permit 0/0 0/0
====

PPP account:

_ACCOUNT_NAME_:*:65000:68::/home/ppp:/home/ppp/retrollamada
(Important: I put the PPP user in group dialer, as my modem can
only be accessed from that group.)

callback program (/home/ppp/retrollamada):
Comments are in Spanish, but I think it's easy to follow. My modem is
on COM2 (/dev/modem is a soft link to /dev/cuaa1).

/*
 * Program to perform call-back on an access through the modem.
 *
 * Written by Javier Martín Rueda, May 1997.
 */

/* Modem device. */
#define DISP_MODEM "/dev/modem"
#define DISP_TTYMODEM "/dev/ttyd1"

/* Telephone number to call back. */
#define TELEFONO "5552222"

/* Command to execute after returning the call. */
#define COMANDO execl("/usr/sbin/ppp", "ppp", "-direct", "pppcb", (char *)NULL)

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <termios.h>
#include <fcntl.h>
#include <unistd.h>
#include <signal.h>
#include <libutil.h>
#include <sys/errno.h>

/* SIGALRM handler: give up if the call-back has not connected in time. */
static void timeout(int sig)
{
  (void)sig;
  _exit(1);
}

int main(void)
{
  struct termios term_cb, term_orig;
  FILE *modem;
  int fd;

  /*
   * Make the process ignore carrier detection, so that the system does
   * not terminate it automatically when hanging up to return the call.
   */
  if (tcgetattr(0, &term_orig) == -1) {
        perror("tcgetattr");
        exit(1);
  }
  term_cb = term_orig;
  term_cb.c_cflag |= CLOCAL;
  if (tcsetattr(0, TCSANOW, &term_cb) == -1) {
        perror("tcsetattr");
        exit(1);
  }

  /*
   * Hang up the modem, wait a few seconds and return the call.
   * If it fails to connect again within 120 seconds, it simply exits.
   */
  cfsetospeed(&term_cb, B0);
  if (tcsetattr(0, TCSANOW, &term_cb) == -1) {
        perror("tcsetattr");
        exit(1);
  }
  close(0);
  close(1);
  close(2);
  sleep(5);
  if ((modem = fopen(DISP_MODEM, "r+")) == NULL)
        exit(1);
  fprintf(modem, "AT\r");
  fflush(modem);
  sleep(2);
  fprintf(modem, "AT\r");
  fflush(modem);
  sleep(2);
  fprintf(modem, "ATDT%s\r", TELEFONO);
  fflush(modem);
  fclose(modem);
  signal(SIGALRM, timeout);
  alarm(120);
  /* Opening the tty device blocks until the modems have connected. */
  fd = open(DISP_TTYMODEM, O_RDWR, 0);
  if (fd == -1)
        exit(1);
  if (login_tty(fd) == -1)
        exit(1);
  COMANDO;

  /* Only reached if execl() failed. */
  return 1;
}

Additionally, you may deny all logins on ttyd1, except this account,
by adding this to /etc/login.access:

-:ALL EXCEPT _ACCOUNT_NAME_:ttyd1

In machine B, this is my configuration:

File /etc/ppp/ppp.conf:

====
default:
 set device /dev/modem
 set speed 115200
 disable lqr
 deny lqr

pppcb:
 set phone 5551111
 set dial "ABORT BUSY ABORT NO\\sDIAL ABORT ERROR TIMEOUT 5 \"\" ATZ0 OK-AT-OK \\dATM0E0Q0DT\\T TIMEOUT 40 CONNECT"
 set login "TIMEOUT 5 login:-\\r-login: _ACCOUNT_NAME_ word: _PASSWORD_ TIMEOUT 60 NO\\sCARRIER \"\" RING ATA"
 set ifaddr 10.0.26.1 10.0.25.1
 set timeout 450
 set afilter 0 permit 0/0 0/0
 set ifilter 0 permit 0/0 0/0
 set ofilter 0 permit 0/0 0/0
 set dfilter 1 permit 0/0 0/0
====

I execute the ppp daemon like this: "ppp -auto pppcb".

As you can see, when ppp attempts to establish a connection, it will
dial machine A, log in to the remote ppp account, expect the call to be
dropped, wait for an incoming call, and answer.

On the other hand, when machine A receives a call, it answers and asks
for a login with getty as always. If it is the ppp account, the callback
program is executed, which drops the call, calls back (waiting no more
than 120 seconds for an answer), and when both modems have connected,
executes the ppp daemon in direct mode.

I hope this is more or less clear enough, and that I haven't forgotten
anything.
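
Added example (not part of the post above, and not code from ppp): one way to generalize the hard-coded TELEFONO in the callback program, by looking up the callback number per account in a server-side table and letting only plain digits reach the ATDT command. The "account:number" table format, SAMPLE_TABLE, the account names and all function names are assumptions made for this illustration; in the real program the account name would come from the authenticated login, not from anything the caller types afterwards.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample table: one "account:number" per line (assumed format). */
static const char SAMPLE_TABLE[] =
    "pppsiteb:5552222\n"
    "pppbad:5553333,,9\n";   /* malformed: carries dial modifiers */

/* Digits only, 3 to 20 of them: nothing else may reach the ATDT line. */
int valid_number(const char *s)
{
    size_t n = strspn(s, "0123456789");
    return s[n] == '\0' && n >= 3 && n <= 20;
}

/* Copy acct's registered number into out; 0 on success, -1 otherwise. */
int lookup_callback(const char *tbl, const char *acct, char *out, size_t cap)
{
    size_t alen = strlen(acct);
    for (const char *p = tbl; alen > 0 && *p; ) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        if (len > alen + 1 && p[alen] == ':' && !strncmp(p, acct, alen)) {
            size_t nlen = len - alen - 1;
            if (nlen >= cap)
                return -1;
            memcpy(out, p + alen + 1, nlen);
            out[nlen] = '\0';
            return valid_number(out) ? 0 : -1;
        }
        p += len + (eol ? 1 : 0);
    }
    return -1;
}

/* Build the dial command from a validated table entry only. */
int build_dial(const char *tbl, const char *acct, char *cmd, size_t n)
{
    char num[32];
    if (lookup_callback(tbl, acct, num, sizeof num) != 0)
        return -1;
    int w = snprintf(cmd, n, "ATDT%s\r", num);
    return (w > 0 && (size_t)w < n) ? 0 : -1;
}

int main(void)
{
    char cmd[40];
    return build_dial(SAMPLE_TABLE, "pppsiteb", cmd, sizeof cmd) != 0;
}
```

An unknown account, an empty account name or a malformed entry all make build_dial() return -1, in which case the callback program should exit without dialing.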

 
 
 
