diff options
| author | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2011-07-08 18:30:18 +0000 |
|---|---|---|
| committer | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2011-07-08 18:30:18 +0000 |
| commit | 10fcba53ef6983f49604f8f0da1619428df97c97 (patch) | |
| tree | cfcb48c33f5803859f0a19286ecac3e7e8f14b24 /usr.sbin | |
| parent | 48142241ec73b235e102c03fa64123d49a404e71 (diff) | |
Include PIPEX in kernel by default. And add new sysctl variable
`net.pipex.enable' to enable PIPEX. By default, pipex is disabled
and it will not process packets from wire. Update man pages and
update HOWTO_PIPEX_NPPPD.txt for testers.
discussed with dlg@, ok deraadt@ mcbride@ claudio@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt | 31 |
1 files changed, 15 insertions, 16 deletions
diff --git a/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt b/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt index 58ab59329a1..c2ca9d358ae 100644 --- a/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt +++ b/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt @@ -1,4 +1,4 @@ -$Id: HOWTO_PIPEX_NPPPD.txt,v 1.4 2011/07/06 20:52:28 yasuoka Exp $ +$Id: HOWTO_PIPEX_NPPPD.txt,v 1.5 2011/07/08 18:30:17 yasuoka Exp $ How to test npppd and pipex --------------------------- @@ -10,36 +10,33 @@ on server 1. update your source tree - 2. enable PIPEX on your kernel and reboot with the kernel - Add bellow line to your kernel configuration file + 2. build and update kernel - option PIPEX # Pppac IP EXtension, for npppd - - 3. build and update kernel - - 4. build npppd + 3. build npppd % cd /usr/src/usr.sbin/npppd % make % sudo make install - 5. install npppd.conf and npppd-users.csv to /etc/npppd/ - + 4. install npppd.conf and npppd-users.csv to /etc/npppd/ sample npppd.conf and npppd-user.csv attached below on this file. % sudo mkdir 0755 /etc/npppd % sudo cp npppd.conf /etc/npppd/ % sudo cp npppd-users.csv /etc/npppd/ - 6. create user '_npppd' + 5. create user '_npppd' - % sudo groupadd _npppd - % sudo useradd -d /var/empty -s /sbin/nologin -g _npppd _npppd + % sudo groupadd _npppd + % sudo useradd -d /var/empty -s /sbin/nologin -g _npppd _npppd - 6. set net.inet.gre.allow=1 - % sudo sysctl net.inet.gre.allow=1 + 6. enable PIPEX and GRE by sysctl + + % sudo sysctl net.inet.gre.allow=1 (for PPTP) + % sudo sysctl net.pipex.enable=1 (for PIPEX) 7. run npppd + % sudo /usr/sbin/npppd -d on client @@ -88,7 +85,7 @@ How to test L2TP/IPsec # # Simplest npppd.conf sample # -# $Id: HOWTO_PIPEX_NPPPD.txt,v 1.4 2011/07/06 20:52:28 yasuoka Exp $ +# $Id: HOWTO_PIPEX_NPPPD.txt,v 1.5 2011/07/08 18:30:17 yasuoka Exp $ interface_list: tun0 interface.tun0.ip4addr: 10.0.0.1 @@ -134,6 +131,8 @@ l2tpd.require_ipsec: false # PPPoE daemon #pppoed.enabled: true #pppoed.interface: PPPoE vic0 + +#pipex.enabled: false ------------------------------------------------------------------------------- [npppd-users.csv] |