Subject: Re: pppd question on activate connection to ISP
To: Chan Yiu Wah <c5666305@hkstar.com>
From: Frederick Bruckman <fb@enteract.com>
List: current-users
Date: 12/11/1999 00:51:40
On Sat, 11 Dec 1999, Chan Yiu Wah wrote:
> I am using the on demanding pppd (2.3.9), dhcpd and samba (2.0.6) to
> allow our LAN users to share the ISP line. I notice that the pppd will
> activate an connection to the ISP (in down status) when there is traffic
> within the LAN. I would like to limit it to if there is outgoing request
> to the internet (e.g. run netscape at Win98), there should be a request
> for the connection to the ISP. I use active-filter-in option in the peers
> scripts. Any idea on how to limit it to outgoing to internet case? Thanks.
You didn't say you were running named. If the only nameservers are on
the other side of the ppp link, that would bring up the connection on
any network activity, for sure. You can't filter port 53, either, or
the demand dialing won't work satisfactorily. All that's required is a
simple caching only nameserver. (Look at the example named.conf.)
If you run "tcpdump" on the ppp interface with the same filter, while
the clients (should) have no outgoing connections, you'll see exactly
what's slipping through and bringing up the link. Then you can take
appropriate action--either add to the filter, or fix or deinstall the
perpretator on the windoze client.
> # demand dailing additions
> demand
> holdoff 900
> 100.66.33.159:100.82.0.0
> active-filter-in "udp or (tcp and not tcp port ntp)"