On 29-Jul-99 Chan Yiu Wah wrote:
> Hello,
> 
> I am going to setup the ipnat for our organization to share the dialup
> service for a small lan (three machines running Win98) next week. 
> I would like to know if there is tool to monitor and tunning it.  If so,
> where can I get this information.  Thanks.

If you're working with a ppp dialup line the hardest part isn't setting up the
ipnat.conf, (I'd suggest you to also install socks5, many windows applications
get advantage of it...) but getting ppp's active filter right to make it
connect only when a connection is really needed.

Windows tends to generate a lot of noise on a network, and often it or
other programs try to send ackets to the internet even if users didn't mean
it.(some cd and mpeg players try to connect to internet databases for
example...)

So I'd suggest you to use tcpdump for a while logging everything, so, when the
router unexpectedly connects to the internet you have the logs to discover
which packet activated it, and modify the active filter accordingly.

I've never used anything more than tcpdump to monitor and tune pppd....
 
another issue are dns lookups, if someone tries to do a query about a name not
in you domain the router will connect to the internet, so i think it is a good
idea to disable the ns port...And perhaps also the icmp proto, just in case
someone tries to keep the connection indefinitely up in this trivial way...

Guido Falsi <mad@mail.cosmos.it>