Linux: ISDN

Contents

•  My configuration
•  Hints for GSM & X.75 dial-in (terminal + PPP)
•  Hints for T-DSL
•  RedHat 6.0 - 6.2
• Script files
•  DLD 6.0 (old, no longer maintained)
• Script files
•  DLD 5.4 (old, no longer maintained)
• Script files
•  DLD 5.3 (old, no longer maintained)
• Script files
•  DLD 5.21 (old, no longer maintained)
• Script files
•  Other links
•  Credits

• 1.21: Remove hint about tar-balls of this pages (no longer active)
  
• 1.20: Reviewed reject-masq for RH6.2
• 1.17: Add a link to a new page: GSM & X.75 dial-in
• 1.15: Reviewed scripts for RedHat 6.1, update of own configuration information
• 1.13: Getting MS-DNS IP addresses and use it locally
• 1.12: Two new scripts for stopping unintentional dial-on-demand and hangup
• 1.11: Updates for DLD 6.0
• 1.08: Updates for DLD 5.4, DNS offline/online configuration change is now done by ip-up & ip-down, triggered from ppp daemon
• 1.05: isdn.dial now changes the DNS configuration from local to remote, publishing of my DNS offline/online configuration files
• 1.03: Updates for DLD 5.3

My Configuration

• RedHat 6.2 Linux Distribution
• Kernel version: 2.2.17 (writing the document version 1.17)
• For ISDN: isdn4k-utils-3.1-22
• 3 computers (one as ISDN-gateway) + Nokia 9110, connected together in a private intranet, IP masquerading via firewall (transparent proxy) for packet routing through the ISDN connected computer into the Internet (see here a detailed picture)
• Dynamic allocated IPv4 PPP Internet access, now with automatic DNS forwarder switching
• Connection to the 6bone (IPv6) during a controlled tunnel server, see here for more details

Script files for RedHat 6.0 - 6.2

• The masquerading startup script (Reviewed for RedHat 6.1 + 6.2)
• /etc/rc.d/init.d/firewall+masq
• Features: loads all (or only selected) masquerading modules, setup some firewall rules to prevent undesirable dial-on-demand
• A script to prevent unintentional dial-on-demand at connections after a timeout-hangup, which are still in the masquerading table and waiting for the TCP/FIN packet
• /usr/local/sbin/reject-masq (only usable with kernel 2.1.102+ and ipchains!)
• Updated: automatic local network interface and IPv4 network detection and calculation, fix minor bugs
• Idea taken from Jochen Roedenbeck's reject-masq.c [only usable with ipfwadm] (new implementation for ipchains in Bash was faster and easier than hacking the old code...)
• Should be called from /etc/ppp/ip-down and also sometimes from cron (read description in the file!)

Script files for DLD 6.0 (old - no longer maintained)

• The masquerading startup script (it's a improved one, based on the DLD 6.0 original)
• /etc/init.d/masquerade
• Features: loads all (or only selected) masquerading modules, detect kernel automatically to use the correct firewall binary and setup some primitive firewall rules to prevent undesirable dial-on-demand
• A script to prevent unintentional hangups during interactive sessions like SSH or TELNET during long thinking about typing or reading
• /usr/local/sbin/holdconnections
• Should be called from /etc/ppp/ip-up
• Some stuff to to get the MS-DNS server IP addresses from a PPP daemon and using it locally, i.e. as forwarder addresses for a locally running BIND named.
• ftp://ftp.bieringer.de/pub/linux/dialup/

Script files for DLD 5.4 (old - no longer maintained)

Online/offline depended hostname resolving and nameserver configuration

You will need

• The switching script
• /usr/local/sbin/switch_gethostbyname
• Script can be called with option online or offline
• Depending on the given option it creates (with previous making a backup of the older real file) softlinks to the related configuration files. Also, if the local nameserver is running and its configuration file is changed, it gets the signal HUP to notify the changes (nameserver reloading).
• Which is triggered by the ppp-daemon at succcessful dial-up during calling
• /etc/ppp/ip-up (example, this file is executed by ppp daemon after a successful dial-up, if the IP-link is ready to use)
• Here you can see also a trigger for the automatic tunnel setup for IPv6 (see here for details)
• And also triggered by the ppp-daemon if the connection is coming down calling
• /etc/ppp/ip-down (example, this file is executed by ppp daemon after getting a hangup signal before the IP-link is going down)
• Here you can see also a trigger for a script which deletes all routes through the dial-up interface. This prevents you from some strange behavior, if you trigger the next dial-up and get another IP address (I get such problems, because some routes are still there after hangup and wrong after next dial-up).
• /usr/local/sbin/ip4delroute (the route deletetion script)
• The configuration files, now some examples (actually you have to change the contents for your enviroment):
• Nameserver configuration files
• /etc/namedb/named.conf.offline (no query forwarding to outsided nameservers)
• /etc/namedb/named.conf.online (query forwarding to outsided nameservers)
• Name resolver information files
• /etc/resolv.conf.offline (only using the internal nameserver)
• /etc/resolv.conf.online (using outsided, too)
• Name resolver (used by client applications) configuration files
• /etc/host.conf.offline (only using /etc/hosts)
• /etc/host.conf.online (using nameservers, too)

Startup script for IP masquerading with kernel-level firewalling (working as a transparent proxy):

• DLD 5.4-init compatible!
• You can't use this script without adaptation in other System V startup enviroments! In this case take the older one.
• Loads and removes all available IP-masquerading kernel modules
• Autodectection of the firewall setup program (for 2.0.x and 2.1.101- needs ipfwadm, 2.1.102+ needs ipchains)
• Sets up firewall rule for IP masquerading
• Enable/disable switch controlled by dldadmin|Services
• I know, masquerading isn't a daemon, but I found no other easy way to control enable/disable by the user. Perhaps sometimes all services (not only daemons) can be controlled at this menu point.

You will need

• The startup script
• /etc/init.d/ip-masq.init
• 3 links to the script (perhaps, if you're using other runlevels, you need additional links, too)
• To start IP-masquerading at runlevel 3 (normal boot level)
• ln -s /etc/init.d/ip-masq /etc/rc3.d/S62ip-masq.init
• To stop IP-masquerading at reboot, halt
• ln -s /etc/init.d/ip-masq /etc/rc0.d/K91ip-masq.init
• ln -s /etc/init.d/ip-masq /etc/rc6.d/K91ip-masq.init
• An additional entry in runservices (required - in other cases you have to change the startup script), now you can enable/disable IP-masquerading by using dldadmin
• /etc/sysconfig/runservices (example)

Script files for DLD 5.3 (old - no longer maintained)

1. Initialisation of the hardware (ISA Plug & Pray)
2. Hardware depended setup
3. PPP depended setup

Only a dialing control is needed for following features:

• Dial-up success tester
• Automatic DNS resolver configuration changing after sucessfull dial-up
• Automatic DNS server configuration changing after sucessfull dial-up
• After hangup, all routes to the dialing interface will be deleted to prevent re-dial-up

You need also the special script ip4delroute

• And here are the configuration files for switching:

• /etc/namedb/named.boot
• /etc/namedb/named.boot.online
• /etc/resolv.conf
• /etc/resolv.conf.online
• /etc/host.conf
• /etc/host.conf.online

And a startup program for IP masquerading with firewall (transparent proxy):

• Loads and remove necessary kernel modules
• Sets up firewall rule for IP masquerading

Script files for DLD 5.21 (old - no longer maintained)

Features of my script files

• Startup script files in SystemV look&feel, tested under Delix DLD 5.21.
• Contents of the configuration files is self-descriptive (I hope so).
• Automatic DNS resolver configuration changing after sucessfull dial-up

1. Initialisation of the hardware (ISA Plug & Pray) - done in DLD 5.3 by
2. Hardware depended setup
3. PPP depended setup

Here the steps:

• /etc/init.d/isapnp is executed by the system startup script via the link /etc/rc*.d/S??isapnp
• It takes the information from /etc/isapnp.confand sets up the information
• More PNP setup information you can get in the actual software package isapnp, which is on the internet
• /etc/init.d/isdn.init is executed by the system startup script via the link /etc/rc*.d/S??isdn.init
1. Calls the hardware depended setup script /usr/local/sbin/isdn-hw.init
1. Takes information from /etc/sysconfig/isdn-hw
2. Sets up the hardware specific parts
1. Checks PNP configuration
2. Load several ISDN related modules
3. Initialize the ISDN driver
4. Starts the ISDN log program
2. Calls the PPP depended setup script /usr/local/sbin/isdn-syncppp.init
1. Takes information from /etc/sysconfig/isdn-syncppp
2. Sets up the protocol specific parts
1. Load masquerading modules
2. Create ISDN network device
3. Configure the ISDN device
4. Starts the ippp-daemon
• /usr/local/sbin/isdn.dial is executed by the root user on demand
• Trigger dial-up
1. Dial-up tries like specified
2. If succeeded, set up default route to the interface and changes the /etc/resolv.conf to a specified one using external DNS
• Trigger hang up
1. Trigger hang-up
2. Clear all routes to the ISDN device with special script ip4delroute and changes the /etc/resolv.conf to a specified one using internal DNS
3. Create ISDN network device
• Trigger sleep
1. Trigger hang-up
2. Changes nothing, so after an access to the interface (a packet will be routed through), an automatic dial-up is triggered

List of links

• http://www.rosat.mpe-garching.mpg.de/~web/ISDN.html
• http://pc16154.pharmazie.uni-marburg.de/dettmering/dld-isdn/index.html

Credits

• Werner Becker <web@mpe-garching.mpg.de>
• Finding errors in this page
• A.N. Kuznetsov <kuznet@ms2.inr.ac.ru> for
• Adaptations concerning compatibility to development kernel
• Jochen Roedenbeck <roe@spl-spindel.de>
• For the idea of reject-masq

Your connection is via: IPv4 Your address: 38.107.179.230

Interest in sending a donation to the author?

www.bieringer.de is maintained by webmaster at bieringer dot de (Impressum)

IPv6 connectivity is provided by