From 10fcba53ef6983f49604f8f0da1619428df97c97 Mon Sep 17 00:00:00 2001
From: YASUOKA Masahiko <yasuoka@cvs.openbsd.org>
Date: Fri, 8 Jul 2011 18:30:18 +0000
Subject: Include PIPEX in kernel by default.  And add new sysctl variable
 `net.pipex.enable' to enable PIPEX.   By default, pipex is disabled and it
 will not process packets from wire.  Update man pages and update
 HOWTO_PIPEX_NPPPD.txt for testers.

discussed with dlg@, ok deraadt@ mcbride@ claudio@
---
 usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt | 31 +++++++++++++++----------------
 1 file changed, 15 insertions(+), 16 deletions(-)

(limited to 'usr.sbin')

diff --git a/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt b/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt
index 58ab59329a1..c2ca9d358ae 100644
--- a/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt
+++ b/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt
@@ -1,4 +1,4 @@
-$Id: HOWTO_PIPEX_NPPPD.txt,v 1.4 2011/07/06 20:52:28 yasuoka Exp $
+$Id: HOWTO_PIPEX_NPPPD.txt,v 1.5 2011/07/08 18:30:17 yasuoka Exp $
 
 How to test npppd and pipex
 ---------------------------
@@ -10,36 +10,33 @@ on server
 
   1. update your source tree
 
-  2. enable PIPEX on your kernel and reboot with the kernel
-     Add bellow line to your kernel configuration file
+  2. build and update kernel
 
-	option          PIPEX           # Pppac IP EXtension, for npppd
-
-  3. build and update kernel
-
-  4. build npppd
+  3. build npppd
 
 	% cd /usr/src/usr.sbin/npppd
 	% make
 	% sudo make install
 
-  5. install npppd.conf and npppd-users.csv to /etc/npppd/
-
+  4. install npppd.conf and npppd-users.csv to /etc/npppd/
      sample npppd.conf and npppd-user.csv attached below on this file.
 
 	% sudo mkdir 0755 /etc/npppd
 	% sudo cp npppd.conf /etc/npppd/
 	% sudo cp npppd-users.csv /etc/npppd/
 
-  6. create user '_npppd'
+  5. create user '_npppd'
 
-     	% sudo groupadd _npppd
-     	% sudo useradd -d /var/empty -s /sbin/nologin -g _npppd _npppd
+	% sudo groupadd _npppd
+	% sudo useradd -d /var/empty -s /sbin/nologin -g _npppd _npppd
 
-  6. set net.inet.gre.allow=1
-	% sudo sysctl net.inet.gre.allow=1
+  6. enable PIPEX and GRE by sysctl
+
+	% sudo sysctl net.inet.gre.allow=1  (for PPTP)
+	% sudo sysctl net.pipex.enable=1    (for PIPEX)
 
   7. run npppd
+
 	% sudo /usr/sbin/npppd -d
 
 on client
@@ -88,7 +85,7 @@ How to test L2TP/IPsec
 #
 # Simplest npppd.conf sample
 #
-# $Id: HOWTO_PIPEX_NPPPD.txt,v 1.4 2011/07/06 20:52:28 yasuoka Exp $
+# $Id: HOWTO_PIPEX_NPPPD.txt,v 1.5 2011/07/08 18:30:17 yasuoka Exp $
 
 interface_list:                         tun0
 interface.tun0.ip4addr:                 10.0.0.1
@@ -134,6 +131,8 @@ l2tpd.require_ipsec:                    false
 # PPPoE daemon
 #pppoed.enabled:                                true
 #pppoed.interface:                      PPPoE vic0
+
+#pipex.enabled:				false
 -------------------------------------------------------------------------------
 
 [npppd-users.csv]
-- 
cgit v1.2.3