Does anyone have any experience of ppp demand dialing with shorewall? What I observe is that I have providers files: pppp0 8 0x80000 main ppp0 - track $LOC_IF On bringing up ppp so it''s ready to dial my "shorewall show routing" shows: Table pppp0: 10.112.112.112 dev ppp0 proto kernel scope link src 10.160.93.71 192.168.111.0/24 dev br0 proto kernel scope link src 192.168.111.1 default dev ppp0 scope link After ppp is triggered to dial, I can see even before the ip-up scripts are called that the routes have now become: Table pppp0: 192.168.111.0/24 dev br0 proto kernel scope link src 192.168.111.1 So I presume PPP is walking the route table and altering it''s routes. It stuff new routes back in, but of course I''m now missing them from my table. Anyone know if this can be configured away? Otherwise can anyone think of anything better than calling shorewall *again* after ppp comes up? Thanks Ed W ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2
On 4/21/12 1:09 PM, Ed W wrote:> Does anyone have any experience of ppp demand dialing with shorewall? > > What I observe is that I have providers files: > pppp0 8 0x80000 main ppp0 - > track $LOC_IF > > On bringing up ppp so it''s ready to dial my "shorewall show routing" shows:By "bringing up ppp so it''s ready to dial", do you mean ''shorewall enable ppp0''? If so, why don''t you simply bring up ppp0 then enable it via Shorewall? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2
On 21/04/2012 22:01, Tom Eastep wrote:> On 4/21/12 1:09 PM, Ed W wrote: >> Does anyone have any experience of ppp demand dialing with shorewall? >> >> What I observe is that I have providers files: >> pppp0 8 0x80000 main ppp0 - >> track $LOC_IF >> >> On bringing up ppp so it''s ready to dial my "shorewall show routing" shows: > By "bringing up ppp so it''s ready to dial", do you mean ''shorewall > enable ppp0''? If so, why don''t you simply bring up ppp0 then enable it > via Shorewall? >Sorry, sequence of events is: - shorewall start - start pppd with "ondemand" config. This brings up the PPP interface, but does not dial the modem. A random route is created (usually 10.x.y.z) and the ppp device listens to that IP. - shorewall enable ppp0 (or shorewall restart - not important which) - ping something down the ppp device, causes the modem to dial. The remote ppp server assigns us an IP address (usual stuff). At this point pppd appears to drop it''s old routes and create some new ones pointing to the actual IP we were assigned. I don''t think this can be avoided - at this point my routes are bolloxed... - ... run shorewall restart (or shorewall disable/enable) I believe that there is no avoiding this (although I will investigate modifying pppd). Thoughts appreciated on how to minimise the situation with the incorrect routes in place? Thanks Ed W ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2