diff options
Diffstat (limited to 'package/ppp/files')
| -rw-r--r-- | package/ppp/files/etc/ppp/chap-secrets | 1 | ||||
| -rw-r--r-- | package/ppp/files/etc/ppp/filter | 23 | ||||
| -rwxr-xr-x | package/ppp/files/etc/ppp/ip-down | 9 | ||||
| -rwxr-xr-x | package/ppp/files/etc/ppp/ip-up | 9 | ||||
| -rw-r--r-- | package/ppp/files/etc/ppp/options | 6 | ||||
| -rw-r--r-- | package/ppp/files/etc/ppp/radius.conf | 8 | ||||
| -rw-r--r-- | package/ppp/files/etc/ppp/radius/dictionary | 253 | ||||
| -rw-r--r-- | package/ppp/files/etc/ppp/radius/dictionary.asnet | 3 | ||||
| -rw-r--r-- | package/ppp/files/etc/ppp/radius/dictionary.microsoft | 81 | ||||
| -rw-r--r-- | package/ppp/files/etc/ppp/radius/servers | 2 | ||||
| -rw-r--r-- | package/ppp/files/ppp.sh | 29 | ||||
| -rw-r--r-- | package/ppp/files/pppoa.sh | 20 | ||||
| -rw-r--r-- | package/ppp/files/pppoe.sh | 21 |
13 files changed, 465 insertions, 0 deletions
diff --git a/package/ppp/files/etc/ppp/chap-secrets b/package/ppp/files/etc/ppp/chap-secrets new file mode 100644 index 0000000000..6ab76e49e9 --- /dev/null +++ b/package/ppp/files/etc/ppp/chap-secrets @@ -0,0 +1 @@ +#USERNAME PROVIDER PASSWORD IPADDRESS diff --git a/package/ppp/files/etc/ppp/filter b/package/ppp/files/etc/ppp/filter new file mode 100644 index 0000000000..ec72a81a01 --- /dev/null +++ b/package/ppp/files/etc/ppp/filter @@ -0,0 +1,23 @@ +# +# Expression: outbound and not icmp[0] != 8 and not tcp[13] & 4 != 0 +# +19 +48 0 0 0 +21 0 16 1 +40 0 0 2 +21 0 13 33 +48 0 0 13 +21 0 5 1 +40 0 0 10 +69 9 0 8191 +177 0 0 4 +80 0 0 4 +21 6 7 8 +21 0 5 6 +40 0 0 10 +69 3 0 8191 +177 0 0 4 +80 0 0 17 +69 1 0 4 +6 0 0 4 +6 0 0 0 diff --git a/package/ppp/files/etc/ppp/ip-down b/package/ppp/files/etc/ppp/ip-down new file mode 100755 index 0000000000..334bcb885a --- /dev/null +++ b/package/ppp/files/etc/ppp/ip-down @@ -0,0 +1,9 @@ +#!/bin/sh +[ -z "$6" ] || env -i ACTION="ifdown" INTERFACE="$6" PROTO=ppp /sbin/hotplug "iface" + +[ -d /etc/ppp/ip-down.d ] && { + for SCRIPT in /etc/ppp/ip-down.d/* + do + [ -x "$SCRIPT" ] && "$SCRIPT" $@ + done +} diff --git a/package/ppp/files/etc/ppp/ip-up b/package/ppp/files/etc/ppp/ip-up new file mode 100755 index 0000000000..34b4b50e15 --- /dev/null +++ b/package/ppp/files/etc/ppp/ip-up @@ -0,0 +1,9 @@ +#!/bin/sh +[ -z "$6" ] || env -i ACTION="ifup" INTERFACE="$6" PROTO=ppp /sbin/hotplug "iface" + +[ -d /etc/ppp/ip-up.d ] && { + for SCRIPT in /etc/ppp/ip-up.d/* + do + [ -x "$SCRIPT" ] && "$SCRIPT" $@ + done +} diff --git a/package/ppp/files/etc/ppp/options b/package/ppp/files/etc/ppp/options new file mode 100644 index 0000000000..d74de79306 --- /dev/null +++ b/package/ppp/files/etc/ppp/options @@ -0,0 +1,6 @@ +#debug +noaccomp +nopcomp +nocrtscts +lock +maxfail 0 diff --git a/package/ppp/files/etc/ppp/radius.conf b/package/ppp/files/etc/ppp/radius.conf new file mode 100644 index 0000000000..0f24a8c7f7 --- /dev/null +++ b/package/ppp/files/etc/ppp/radius.conf @@ -0,0 +1,8 @@ +authserver localhost:1812 +acctserver localhost:1813 +dictionary /etc/ppp/radius/dictionary +servers /etc/ppp/radius/servers +mapfile /dev/null +seqfile /tmp/radius.seq +radius_timeout 5 +radius_retries 3 diff --git a/package/ppp/files/etc/ppp/radius/dictionary b/package/ppp/files/etc/ppp/radius/dictionary new file mode 100644 index 0000000000..706d1ce99c --- /dev/null +++ b/package/ppp/files/etc/ppp/radius/dictionary @@ -0,0 +1,253 @@ +# +# Updated 97/06/13 to livingston-radius-2.01 miquels@cistron.nl +# +# This file contains dictionary translations for parsing +# requests and generating responses. All transactions are +# composed of Attribute/Value Pairs. The value of each attribute +# is specified as one of 4 data types. Valid data types are: +# +# string - 0-253 octets +# ipaddr - 4 octets in network byte order +# integer - 32 bit value in big endian order (high byte first) +# date - 32 bit value in big endian order - seconds since +# 00:00:00 GMT, Jan. 1, 1970 +# +# Enumerated values are stored in the user file with dictionary +# VALUE translations for easy administration. +# +# Example: +# +# ATTRIBUTE VALUE +# --------------- ----- +# Framed-Protocol = PPP +# 7 = 1 (integer encoding) +# + +# The dictionary format now supports vendor-specific attributes. +# Vendors are introduced like this: +# +# VENDOR vendor_name vendor_number +# +# For example: +# +# VENDOR RoaringPenguin 10055 +# +# Vendor-specific attributes have a fifth field with the name of the +# vendor. For example: +# +# ATTRIBUTE RP-Upstream-Speed-Limit 1 integer RoaringPenguin +# +# introduces a Roaring Penguin vendor-specific attribbute with name +# RP-Upstream-Speed-Limit, number 1, type integer and vendor RoaringPenguin. + +# +# Following are the proper new names. Use these. +# +ATTRIBUTE User-Name 1 string +ATTRIBUTE Password 2 string +ATTRIBUTE CHAP-Password 3 string +ATTRIBUTE NAS-IP-Address 4 ipaddr +ATTRIBUTE NAS-Port-Id 5 integer +ATTRIBUTE Service-Type 6 integer +ATTRIBUTE Framed-Protocol 7 integer +ATTRIBUTE Framed-IP-Address 8 ipaddr +ATTRIBUTE Framed-IP-Netmask 9 ipaddr +ATTRIBUTE Framed-Routing 10 integer +ATTRIBUTE Filter-Id 11 string +ATTRIBUTE Framed-MTU 12 integer +ATTRIBUTE Framed-Compression 13 integer +ATTRIBUTE Login-IP-Host 14 ipaddr +ATTRIBUTE Login-Service 15 integer +ATTRIBUTE Login-TCP-Port 16 integer +ATTRIBUTE Reply-Message 18 string +ATTRIBUTE Callback-Number 19 string +ATTRIBUTE Callback-Id 20 string +ATTRIBUTE Framed-Route 22 string +ATTRIBUTE Framed-IPX-Network 23 ipaddr +ATTRIBUTE State 24 string +ATTRIBUTE Class 25 string +ATTRIBUTE Session-Timeout 27 integer +ATTRIBUTE Idle-Timeout 28 integer +ATTRIBUTE Termination-Action 29 integer +ATTRIBUTE Called-Station-Id 30 string +ATTRIBUTE Calling-Station-Id 31 string +ATTRIBUTE NAS-Identifier 32 string +ATTRIBUTE Acct-Status-Type 40 integer +ATTRIBUTE Acct-Delay-Time 41 integer +ATTRIBUTE Acct-Input-Octets 42 integer +ATTRIBUTE Acct-Output-Octets 43 integer +ATTRIBUTE Acct-Session-Id 44 string +ATTRIBUTE Acct-Authentic 45 integer +ATTRIBUTE Acct-Session-Time 46 integer +ATTRIBUTE Acct-Input-Packets 47 integer +ATTRIBUTE Acct-Output-Packets 48 integer +ATTRIBUTE Acct-Terminate-Cause 49 integer +ATTRIBUTE Chap-Challenge 60 string +ATTRIBUTE NAS-Port-Type 61 integer +ATTRIBUTE Port-Limit 62 integer +ATTRIBUTE Connect-Info 77 string + +# RFC 2869 +ATTRIBUTE Acct-Interim-Interval 85 integer + +# +# Experimental Non Protocol Attributes used by Cistron-Radiusd +# +ATTRIBUTE Huntgroup-Name 221 string +ATTRIBUTE User-Category 1029 string +ATTRIBUTE Group-Name 1030 string +ATTRIBUTE Simultaneous-Use 1034 integer +ATTRIBUTE Strip-User-Name 1035 integer +ATTRIBUTE Fall-Through 1036 integer +ATTRIBUTE Add-Port-To-IP-Address 1037 integer +ATTRIBUTE Exec-Program 1038 string +ATTRIBUTE Exec-Program-Wait 1039 string +ATTRIBUTE Hint 1040 string + +# +# Non-Protocol Attributes +# These attributes are used internally by the server +# +ATTRIBUTE Expiration 21 date +ATTRIBUTE Auth-Type 1000 integer +ATTRIBUTE Menu 1001 string +ATTRIBUTE Termination-Menu 1002 string +ATTRIBUTE Prefix 1003 string +ATTRIBUTE Suffix 1004 string +ATTRIBUTE Group 1005 string +ATTRIBUTE Crypt-Password 1006 string +ATTRIBUTE Connect-Rate 1007 integer + +# +# Experimental, implementation specific attributes +# +# Limit session traffic +ATTRIBUTE Session-Octets-Limit 227 integer +# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out) +ATTRIBUTE Octets-Direction 228 integer + +# +# Integer Translations +# + +# User Types + +VALUE Service-Type Login-User 1 +VALUE Service-Type Framed-User 2 +VALUE Service-Type Callback-Login-User 3 +VALUE Service-Type Callback-Framed-User 4 +VALUE Service-Type Outbound-User 5 +VALUE Service-Type Administrative-User 6 +VALUE Service-Type NAS-Prompt-User 7 + +# Framed Protocols + +VALUE Framed-Protocol PPP 1 +VALUE Framed-Protocol SLIP 2 + +# Framed Routing Values + +VALUE Framed-Routing None 0 +VALUE Framed-Routing Broadcast 1 +VALUE Framed-Routing Listen 2 +VALUE Framed-Routing Broadcast-Listen 3 + +# Framed Compression Types + +VALUE Framed-Compression None 0 +VALUE Framed-Compression Van-Jacobson-TCP-IP 1 + +# Login Services + +VALUE Login-Service Telnet 0 +VALUE Login-Service Rlogin 1 +VALUE Login-Service TCP-Clear 2 +VALUE Login-Service PortMaster 3 + +# Status Types + +VALUE Acct-Status-Type Start 1 +VALUE Acct-Status-Type Stop 2 +VALUE Acct-Status-Type Accounting-On 7 +VALUE Acct-Status-Type Accounting-Off 8 + +# Authentication Types + +VALUE Acct-Authentic RADIUS 1 +VALUE Acct-Authentic Local 2 +VALUE Acct-Authentic PowerLink128 100 + +# Termination Options + +VALUE Termination-Action Default 0 +VALUE Termination-Action RADIUS-Request 1 + +# NAS Port Types, available in 3.3.1 and later + +VALUE NAS-Port-Type Async 0 +VALUE NAS-Port-Type Sync 1 +VALUE NAS-Port-Type ISDN 2 +VALUE NAS-Port-Type ISDN-V120 3 +VALUE NAS-Port-Type ISDN-V110 4 + +# Acct Terminate Causes, available in 3.3.2 and later + +VALUE Acct-Terminate-Cause User-Request 1 +VALUE Acct-Terminate-Cause Lost-Carrier 2 +VALUE Acct-Terminate-Cause Lost-Service 3 +VALUE Acct-Terminate-Cause Idle-Timeout 4 +VALUE Acct-Terminate-Cause Session-Timeout 5 +VALUE Acct-Terminate-Cause Admin-Reset 6 +VALUE Acct-Terminate-Cause Admin-Reboot 7 +VALUE Acct-Terminate-Cause Port-Error 8 +VALUE Acct-Terminate-Cause NAS-Error 9 +VALUE Acct-Terminate-Cause NAS-Request 10 +VALUE Acct-Terminate-Cause NAS-Reboot 11 +VALUE Acct-Terminate-Cause Port-Unneeded 12 +VALUE Acct-Terminate-Cause Port-Preempted 13 +VALUE Acct-Terminate-Cause Port-Suspended 14 +VALUE Acct-Terminate-Cause Service-Unavailable 15 +VALUE Acct-Terminate-Cause Callback 16 +VALUE Acct-Terminate-Cause User-Error 17 +VALUE Acct-Terminate-Cause Host-Request 18 + +# +# Non-Protocol Integer Translations +# + +VALUE Auth-Type Local 0 +VALUE Auth-Type System 1 +VALUE Auth-Type SecurID 2 +VALUE Auth-Type Crypt-Local 3 +VALUE Auth-Type Reject 4 + +# +# Cistron extensions +# +VALUE Auth-Type Pam 253 +VALUE Auth-Type None 254 + +# +# Experimental Non-Protocol Integer Translations for Cistron-Radiusd +# +VALUE Fall-Through No 0 +VALUE Fall-Through Yes 1 +VALUE Add-Port-To-IP-Address No 0 +VALUE Add-Port-To-IP-Address Yes 1 + +# +# Configuration Values +# uncomment these two lines to turn account expiration on +# + +#VALUE Server-Config Password-Expiration 30 +#VALUE Server-Config Password-Warning 5 + +# Octets-Direction +VALUE Octets-Direction Sum 0 +VALUE Octets-Direction Input 1 +VALUE Octets-Direction Output 2 +VALUE Octets-Direction MaxOveral 3 +VALUE Octets-Direction MaxSession 4 + +INCLUDE /etc/ppp/radius/dictionary.microsoft diff --git a/package/ppp/files/etc/ppp/radius/dictionary.asnet b/package/ppp/files/etc/ppp/radius/dictionary.asnet new file mode 100644 index 0000000000..337d1e1407 --- /dev/null +++ b/package/ppp/files/etc/ppp/radius/dictionary.asnet @@ -0,0 +1,3 @@ +VENDOR ASNET 50000 +ATTRIBUTE Speed-Down 1 string ASNET +ATTRIBUTE Speed-Up 2 string ASNET diff --git a/package/ppp/files/etc/ppp/radius/dictionary.microsoft b/package/ppp/files/etc/ppp/radius/dictionary.microsoft new file mode 100644 index 0000000000..09fdbba63f --- /dev/null +++ b/package/ppp/files/etc/ppp/radius/dictionary.microsoft @@ -0,0 +1,81 @@ +# +# Microsoft's VSA's, from RFC 2548 +# +# $Id$ +# + +VENDOR Microsoft 311 Microsoft + +ATTRIBUTE MS-CHAP-Response 1 string Microsoft +ATTRIBUTE MS-CHAP-Error 2 string Microsoft +ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft +ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft +ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft +ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft +# This is referred to as both singular and plural in the RFC. +# Plural seems to make more sense. +ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft +ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft +ATTRIBUTE MS-CHAP-Domain 10 string Microsoft +ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft +ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft +ATTRIBUTE MS-BAP-Usage 13 integer Microsoft +ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft +ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft +ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft +ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft +ATTRIBUTE MS-RAS-Version 18 string Microsoft +ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft +ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft +ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft + +ATTRIBUTE MS-Filter 22 string Microsoft +ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft +ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft + +ATTRIBUTE MS-CHAP2-Response 25 string Microsoft +ATTRIBUTE MS-CHAP2-Success 26 string Microsoft +ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft + +ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft +ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft +ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft +ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft + +#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft + + +# +# Integer Translations +# + +# MS-BAP-Usage Values + +VALUE MS-BAP-Usage Not-Allowed 0 +VALUE MS-BAP-Usage Allowed 1 +VALUE MS-BAP-Usage Required 2 + +# MS-ARAP-Password-Change-Reason Values + +VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 +VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 +VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 +VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 + +# MS-Acct-Auth-Type Values + +VALUE MS-Acct-Auth-Type PAP 1 +VALUE MS-Acct-Auth-Type CHAP 2 +VALUE MS-Acct-Auth-Type MS-CHAP-1 3 +VALUE MS-Acct-Auth-Type MS-CHAP-2 4 +VALUE MS-Acct-Auth-Type EAP 5 + +# MS-Acct-EAP-Type Values + +VALUE MS-Acct-EAP-Type MD5 4 +VALUE MS-Acct-EAP-Type OTP 5 +VALUE MS-Acct-EAP-Type Generic-Token-Card 6 +VALUE MS-Acct-EAP-Type TLS 13 + diff --git a/package/ppp/files/etc/ppp/radius/servers b/package/ppp/files/etc/ppp/radius/servers new file mode 100644 index 0000000000..0d4f0691d0 --- /dev/null +++ b/package/ppp/files/etc/ppp/radius/servers @@ -0,0 +1,2 @@ +# SERVER SECRET +localhost secret diff --git a/package/ppp/files/ppp.sh b/package/ppp/files/ppp.sh new file mode 100644 index 0000000000..343223af1b --- /dev/null +++ b/package/ppp/files/ppp.sh @@ -0,0 +1,29 @@ +scan_ppp() { + config_get ifname "$1" ifname + pppdev="${pppdev:-0}" + config_set "$1" ifname "ppp$pppdev" + config_set "$1" unit "$pppdev" +} + +start_pppd() { + local cfg="$1"; shift + config_get device "$cfg" device + config_get unit "$cfg" unit + config_get username "$cfg" username + config_get password "$cfg" password + config_get keepalive "$cfg" keepalive + interval="${keepalive%%*[, ]}" + [ "$interval" != "$keepalive" ] || interval=5 + + config_get demand "$cfg" demand + [ -n "$demand" ] && echo "nameserver 1.1.1.1" > /tmp/resolv.conf + /usr/sbin/pppd "$@" \ + ${keepalive:+lcp-echo-interval $interval lcp-echo-failure ${keepalive##[, ]*}} \ + ${demand:+precompiled-active-filter /etc/ppp/filter demand idle }${demand:-persist} \ + usepeerdns \ + defaultroute \ + replacedefaultroute \ + ${username:+user "$username" password "$password"} \ + linkname "$cfg" \ + ipparam "$cfg" +} diff --git a/package/ppp/files/pppoa.sh b/package/ppp/files/pppoa.sh new file mode 100644 index 0000000000..e6530b073e --- /dev/null +++ b/package/ppp/files/pppoa.sh @@ -0,0 +1,20 @@ +scan_pppoa() { + scan_ppp "$@" +} + +setup_interface_pppoa() { + local iface="$1" + local config="$2" + + config_get device "$config" device + + for module in slhc ppp_generic pppoatm; do + /sbin/insmod $module 2>&- >&- + done + + config_get mtu "$cfg" mtu + mtu=${mtu:-1492} + start_pppd "$config" \ + plugin pppoatm.so ${atm_vpi:-8}.${atm_vci:-35} \ + mtu $mtu mru $mtu +} diff --git a/package/ppp/files/pppoe.sh b/package/ppp/files/pppoe.sh new file mode 100644 index 0000000000..f263caaeef --- /dev/null +++ b/package/ppp/files/pppoe.sh @@ -0,0 +1,21 @@ +scan_pppoe() { + scan_ppp "$@" +} + +setup_interface_pppoe() { + local iface="$1" + local config="$2" + + config_get device "$config" device + + for module in slhc ppp_generic pppox pppoe; do + /sbin/insmod $module 2>&- >&- + done + + config_get mtu "$cfg" mtu + mtu=${mtu:-1480} + start_pppd "$config" \ + plugin rp-pppoe.so \ + mtu $mtu mru $mtu \ + "nic-$device" +} |