
Re: Configuring Diald on gateway




I've included my configuration files below.  I also included the Registry
file below which turns off DNS lookups from Windows.  Hopefully, this may
help.  If not, give me a call.

---


 > From: "zoqix" <http://www.yahoo.com/~zoqix>
 > Date: Tue, 31 Oct 2000 08:14:10 +0800
 >
 > Hi Robert,
 >
 > Sorry for the late reply. May I know how you configure Diald cos mine's
 > not working very consistently. It keeps activating my link when not
 > needed to like when I'm accessing my internal network. For example, pc1
 > is my gateway. pc2 and pc3 are my clients. The IPs are 192.168.5.1, 2,
 > and 3. pc1, 2, and 3 are their hostnames.
 >
 > Some examples are:
 > telnet from pc2 to pc3 will activate the link
 > ftp from pc2 to pc3 will also activate the link
 >
 >  > From: "zoqix" <http://www.yahoo.com/~zoqix>
 >  > Date: Tue, 10 Oct 2000 13:40:34 +0800
 >  >
 >  > Hi,
 >  >
 >  > I'm currently using the Diald program. My situation is that I'm
 >  > connecting my PC to a hub (which is connected to a gateway installed
 >  > with an adsl modem). When the gateway detects packets for external
 >  > network, it will run a script to activate my adsl modem. At timeout,
 >  > it will run another script to down it. I'm using dynamic IP.
 >  >
 >  > What if I want to telnet to my internal network without activating
 >  > my adsl link? How do I setup the dynamic dns on my gateway? I would
 >  > want it to update the caching name server by the dhcp so that I could
 >  > telnet by hostnames.
 >  >
 >  > Thanks in advance, zoqix
 >  >
 > I don't have DSL, but I use diald+ipmasq and I can use my internal
 > network fine w/o bringing up the modem.  If you are still having
 > problems, please email me and I'll see what I can do.

-------------------------------------------------------------------------------
etc/diald.conf
-------------------------------------------------------------------------------
mode ppp
ip-up /etc/ppp/ip-up
pppd-options debug user xxxx lcp-max-configure 60 lcp-max-failure 60 lcp-max-terminate 12 lcp-echo-interval 6 lcp-echo-failure 50 noipdefault
# -pap
# refuse-pap refuse-chap
# ipcp-accept-local ipcp-accept-remote 
proxyarp
start-pppd-timeout 300
first-packet-timeout 240
connect /usr/local/lib/diald/connect
#disconnect /usr/local/lib/diald/disconnect
netmask 255.255.255.0
device /dev/modem
modem
lock
crtscts
local 192.168.0.1
#remote 192.168.0.2
remote 216.126.160.226
dynamic
#-buffer-packets
defaultroute
#impulse 600,599,1
#impulse 320,40
# if we get cut-off, don't even try to reconnect
died-retry-count 0
retry-count 10
outfill 30
#two-way
redial-timeout 6
redial-backoff-start 1
redial-backoff-limit 90
fifo /usr/local/lib/diald/fifo
include /usr/local/lib/diald/standard.filter
-------------------------------------------------------------------------------
lib/diald/standard.filter
-------------------------------------------------------------------------------
# This is a pretty complicated set of filter rules.
# (These are the rules I use myself.)
#
# I've divided the rules up into four sections.
# TCP packets, UDP packets, ICMP packets and a general catch all rule
# at the end.


#------------------------------------------------------------------------------
# Rules for TCP packets.
#------------------------------------------------------------------------------
# General comments on the rule set:
#
# In general we would like to treat only data on a TCP link as significant
# for timeouts. Therefore, we try to ignore packets with no data.
# Since the shortest possible set of headers in a TCP/IP packet is 40 bytes,
# any packet with length 40 must have no data riding in it.
# We may miss some empty packets this way (optional routing information
# and other extras may be present in the IP header), but we should get
# most of them. Note that we don't want to filter out packets with
# tcp.live clear, since we use them later to speedup disconnects
# on some TCP links.
#
# We also want to make sure WWW packets live even if the TCP socket
# is shut down. We do this because WWW doesn't keep connections open
# once the data has been transferred, and it would be annoying to have the link
# keep bouncing up and down every time you get a document.
#
# Outside of WWW the most common use of TCP is for long lived connections,
# that once they are gone mean we no longer need the network connection.
# We don't necessarily want to wait 10 minutes for the connection
# to go down when we don't have any telnet's or rlogin's running,
# so we want to speed up the timeout on TCP connections that have
# shutdown. We do this by catching packets that do not have the live flag set.

# --- start of rule set proper ---

# When initiating a connection we only give the link 15 seconds initially.
# The idea here is to deal with possibility that the network on the opposite
# end of the connection is unreachable. In this case you don't really
# want to give the link 10 minutes up time. With the rule below
# we only give the link 15 seconds initially. If the network is reachable
# then we will normally get a response that actually contains some
# data within 15 seconds. If this causes problems because you have a slow
# response time at some site you want to regularly access, you can either
# increase the timeout or remove this rule.
#accept tcp 15 tcp.syn
accept tcp 90 tcp.syn

# Keep named xfers from holding the link up
ignore tcp tcp.dest=tcp.domain
ignore tcp tcp.source=tcp.domain

## keep local slip address from holding the link up
#ignore tcp ip.daddr=192.168.0.1
#ignore tcp ip.saddr=192.168.0.1

# I think these are for real audio
keepup tcp 20 tcp.dest=tcp.realaud2
keepup tcp 20 tcp.dest=tcp.realaud1
keepup tcp 20 tcp.source=tcp.realaud2
keepup tcp 20 tcp.source=tcp.realaud1

# Keep netbios from holding us up as well.
ignore tcp tcp.dest=tcp.netbios-ns
ignore tcp tcp.dest=tcp.netbios-dgm
ignore tcp tcp.dest=tcp.netbios-ssn

# (Ack! SCO telnet starts by sending empty SYNs and only opens the
# connection if it gets a response. Sheesh..)
# 7/21/98
keepup tcp 90 ip.tot_len=40,tcp.syn
ignore tcp ip.tot_len=40,tcp.syn

# keep empty packets from holding the link up (other than empty SYN packets)
# 7/20/98 -- don't ignore; let fall through...
#ignore tcp ip.tot_len=40,tcp.live

# make sure http transfers hold the link for 2 minutes, even after they end.
# If the link is already down, don't let a FIN packet bring it back up.
# NOTE: Your /etc/services may not define the tcp service www, in which
# case you should comment out the following two lines or get a more
# up to date /etc/services file. See the FAQ for information on obtaining
# a new /etc/services file.
#ignore tcp !tcp.live,tcp.dest=tcp.www
#ignore tcp !tcp.live,tcp.source=tcp.www
# 7/20/98 -- just fall through; will probably get 5 mins anyway...
#accept tcp 300 tcp.dest=tcp.www
#accept tcp 300 tcp.source=tcp.www

# Once the link is no longer live, we let the connection go down
# slowly (1.5 minutes).
keepup tcp 90 !tcp.live
ignore tcp !tcp.live

# an ftp-data or ftp connection can be expected to show reasonably frequent
# traffic.
# 7/21/98
#accept tcp 120 tcp.dest=tcp.ftp
#accept tcp 120 tcp.source=tcp.ftp

#NOTE: ftp-data is not defined in the /etc/services file provided with
# the latest versions of NETKIT, so I've got this commented out here.
# If you want to define it add the following line to your /etc/services:
# ftp-data        20/tcp
# and uncomment the following two rules.
# 7/21/98
#accept tcp 120 tcp.dest=tcp.ftp-data
#accept tcp 120 tcp.source=tcp.ftp-data

#ssh sessions should be up for 15 mins
keepup tcp 900 tcp.dest=tcp.ssh
keepup tcp 900 tcp.dest=tcp.sshcont

# If we don't catch it above, give the link 5 minutes up time.
keepup tcp 300 any
ignore tcp any

# Rules for UDP packets
#
# We time out domain requests right away, we just want them to bring
# the link up, not keep it around for very long.
# This is because the network will usually come up on a call
# from the resolver library (unless you have all your commonly
# used addresses in /etc/hosts, in which case you will discover
# other problems.)
# Note that you should not make the timeout shorter than the time you
# might expect your DNS server to take to respond. Otherwise
# when the initial link gets established there might be a delay
# greater than this between the initial series of packets before
# any packets that keep the link up longer pass over the link.

# Don't bring the link up for rwho.
ignore udp udp.dest=udp.who
ignore udp udp.source=udp.who
# Don't bring the link up for RIP.
ignore udp udp.dest=udp.route
ignore udp udp.source=udp.route
# Don't bring the link up for NTP or timed.
ignore udp udp.dest=udp.ntp
ignore udp udp.source=udp.ntp
ignore udp udp.dest=udp.timed
ignore udp udp.source=udp.timed
## keep local slip address from holding the link up
#ignore udp ip.daddr=192.168.0.1
#ignore udp ip.saddr=192.168.0.1
# Don't bring up on domain name requests between two running nameds.
#ignore udp udp.dest=udp.domain,udp.source=udp.domain
# Bring up the network whenever we make a domain request from someplace
# other than named.
accept udp 90 udp.dest=udp.domain 
ignore udp udp.source=udp.domain
#accept udp 90 udp.source=udp.domain
# Do the same for netbios-ns broadcasts
# NOTE: your /etc/services file may not define the netbios-ns service
# in which case you should comment out the next three lines.
ignore udp udp.dest=udp.netbios-ns
ignore udp udp.dest=udp.netbios-dgm
ignore udp udp.dest=udp.netbios-ssn
# windows is f**king pain
#keepup udp 30 udp.dest=udp.netbios-ns
#keepup udp 30 udp.source=udp.netbios-ns
#accept udp 30 udp.dest=udp.netbios-ns
#accept udp 30 udp.source=udp.netbios-ns
# keep routed and gated transfers from holding the link up
ignore udp udp.dest=udp.route
ignore udp udp.source=udp.route

# Anything else gets 2 minutes.
accept udp 120 any

# Give icmp packets 30 seconds.
accept icmp 30 any

# Any packets we did not catch above belong to some bizarre protocol
# that we don't know about. Keep up the line for 90 seconds.

keepup any 90 any
-------------------------------------------------------------------------------
dns-reg.reg
-------------------------------------------------------------------------------
REGEDIT4

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP]
"EnableDNS"="0"

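The rule ordering in the standard.filter file above, checked with an added example that is not part of the original message or of diald: it assumes diald applies the first rule whose protocol and terms match, and it models a packet simply as the set of filter terms that are true for it. The function names and the excerpted rule list are constructed for illustration.

```python
# Added example, not part of diald or the original post.
# Assumption: diald applies the first rule whose protocol and terms match.
# Constructed excerpt: a few rules from the standard.filter above, same order.
RULES = """\
accept tcp 90 tcp.syn
ignore tcp tcp.dest=tcp.domain
ignore tcp tcp.dest=tcp.netbios-ssn
keepup tcp 90 ip.tot_len=40,tcp.syn
ignore tcp ip.tot_len=40,tcp.syn
keepup tcp 300 any
ignore tcp any
accept udp 90 udp.dest=udp.domain
ignore udp udp.dest=udp.netbios-ns
accept udp 120 any
"""

def parse(text):
    """Return a list of (action, proto, timeout, frozenset_of_terms)."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        action, proto = fields[0], fields[1]
        # "ignore" rules carry no timeout field; the other actions do.
        timeout = None if action == "ignore" else int(fields[2])
        expr = fields[-1]
        terms = frozenset() if expr == "any" else frozenset(expr.split(","))
        rules.append((action, proto, timeout, terms))
    return rules

def first_match(rules, proto, facts):
    """Index of the first rule matching a packet; facts = terms true for it."""
    for i, (_, rule_proto, _, terms) in enumerate(rules):
        if rule_proto in (proto, "any") and terms <= facts:
            return i
    return None

def shadowed(rules):
    """(later, earlier) pairs where the later rule can never be reached."""
    found = []
    for j, (_, proto_j, _, terms_j) in enumerate(rules):
        for i, (action, proto_i, _, terms_i) in enumerate(rules[:j]):
            # Only accept/ignore count as always matching; keepup is not modelled.
            if (action in ("accept", "ignore") and proto_i in (proto_j, "any")
                    and terms_i <= terms_j):
                found.append((j, i))
                break
    return found
```

On this excerpt `shadowed(parse(RULES))` reports both `ip.tot_len=40,tcp.syn` rules as unreachable behind `accept tcp 90 tcp.syn`, and `first_match` shows that a TCP SYN to netbios-ssn hits that same accept rule before it reaches the netbios `ignore`.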






