| ppp.conf.sample (89211) | ppp.conf.sample (108533) |
|---|---|
| 1################################################################# 2# 3# PPP Sample Configuration File 4# 5# Originally written by Toshiharu OHNO 6# | 1################################################################# 2# 3# PPP Sample Configuration File 4# 5# Originally written by Toshiharu OHNO 6# |
| 7# $FreeBSD: head/share/examples/ppp/ppp.conf.sample 89211 2002-01-10 14:56:47Z brian $ | 7# $FreeBSD: head/share/examples/ppp/ppp.conf.sample 108533 2003-01-01 18:49:04Z schweikh $ |
| 8# 9################################################################# 10 11# This file is separated into sections. Each section is named with 12# a label starting in column 0 and followed directly by a ``:''. The 13# section continues until the next label. Blank lines and characters 14# after a ``#'' are ignored (a literal ``#'' must be escaped with a ``\'' 15# or quoted with ""). All commands inside sections that do not begin --- 87 unchanged lines hidden (view full) --- 103# On demand dialup example with static IP addresses: 104# Here, the local side uses 192.244.185.226 and the remote side 105# uses 192.244.176.44. 106# 107# # ppp -auto ondemand 108# 109# With static IP numbers, our setup is similar to dynamic: 110# Remember, ppp.linkup is searched for a "192.244.176.44" label, then | 8# 9################################################################# 10 11# This file is separated into sections. Each section is named with 12# a label starting in column 0 and followed directly by a ``:''. The 13# section continues until the next label. Blank lines and characters 14# after a ``#'' are ignored (a literal ``#'' must be escaped with a ``\'' 15# or quoted with ""). All commands inside sections that do not begin --- 87 unchanged lines hidden (view full) --- 103# On demand dialup example with static IP addresses: 104# Here, the local side uses 192.244.185.226 and the remote side 105# uses 192.244.176.44. 106# 107# # ppp -auto ondemand 108# 109# With static IP numbers, our setup is similar to dynamic: 110# Remember, ppp.linkup is searched for a "192.244.176.44" label, then |
| 111# a "ondemand" label, and finally the "MYADDR" label. | 111# an "ondemand" label, and finally the "MYADDR" label. |
| 112# 113ondemand: 114 set phone 1234567 115 set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp" 116 set timeout 120 117 set ifaddr 192.244.185.226 192.244.176.44 118 add default HISADDR 119 enable dns --- 229 unchanged lines hidden (view full) --- 349 set filter dial 4 7 0 0 tcp dst eq ftp 350 set filter dial 5 7 0 0 tcp dst eq 24 351 set filter dial 6 deny ! 0 0 tcp dst eq 4000 352 353 # From hosts on a couple of local subnets to the remote peer 354 # If the remote host allowed IP forwarding and we wanted to use it, the 355 # following rules could be split into two groups to separately validate 356 # the source and destination addresses. | 112# 113ondemand: 114 set phone 1234567 115 set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp" 116 set timeout 120 117 set ifaddr 192.244.185.226 192.244.176.44 118 add default HISADDR 119 enable dns --- 229 unchanged lines hidden (view full) --- 349 set filter dial 4 7 0 0 tcp dst eq ftp 350 set filter dial 5 7 0 0 tcp dst eq 24 351 set filter dial 6 deny ! 0 0 tcp dst eq 4000 352 353 # From hosts on a couple of local subnets to the remote peer 354 # If the remote host allowed IP forwarding and we wanted to use it, the 355 # following rules could be split into two groups to separately validate 356 # the source and destination addresses. |
| 357 set filter dial 7 permit 172.17.16.0/20 172.17.20.248 358 set filter dial 8 permit 172.17.36.0/22 172.17.20.248 359 set filter dial 9 permit 172.17.118.0/26 172.17.20.248 360 set filter dial 10 permit 10.123.5.0/24 172.17.20.248 | 357 set filter dial 7 permit 172.17.16.0/20 172.17.20.248 358 set filter dial 8 permit 172.17.36.0/22 172.17.20.248 359 set filter dial 9 permit 172.17.118.0/26 172.17.20.248 360 set filter dial 10 permit 10.123.5.0/24 172.17.20.248 |
| 361 362 # Once the link's up, limit outgoing access to the specified hosts | 361 362 # Once the link's up, limit outgoing access to the specified hosts |
| 363 set filter out 0 4 172.17.16.0/20 172.17.20.248 364 set filter out 1 4 172.17.36.0/22 172.17.20.248 365 set filter out 2 4 172.17.118.0/26 172.17.20.248 366 set filter out 3 deny ! 10.123.5.0/24 172.17.20.248 | 363 set filter out 0 4 172.17.16.0/20 172.17.20.248 364 set filter out 1 4 172.17.36.0/22 172.17.20.248 365 set filter out 2 4 172.17.118.0/26 172.17.20.248 366 set filter out 3 deny ! 10.123.5.0/24 172.17.20.248 |
| 367 368 # Allow established TCP connections 369 set filter out 4 permit 0 0 tcp estab 370 371 # And new connections to http, rlogin, rsh, telnet, ftp and ports 372 # 24 and 4000 373 set filter out 5 permit 0 0 tcp dst eq http 374 set filter out 6 permit 0 0 tcp dst eq login --- 101 unchanged lines hidden (view full) --- 476 set sp 115200 477 set timeout 900 478 set lqrperiod 10 479 set log Phase Chat LQM 480 set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp HELLO" 481 set ifaddr 10.0.4.2 10.0.4.1 482 enable lqr 483 accept lqr | 367 368 # Allow established TCP connections 369 set filter out 4 permit 0 0 tcp estab 370 371 # And new connections to http, rlogin, rsh, telnet, ftp and ports 372 # 24 and 4000 373 set filter out 5 permit 0 0 tcp dst eq http 374 set filter out 6 permit 0 0 tcp dst eq login --- 101 unchanged lines hidden (view full) --- 476 set sp 115200 477 set timeout 900 478 set lqrperiod 10 479 set log Phase Chat LQM 480 set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp HELLO" 481 set ifaddr 10.0.4.2 10.0.4.1 482 enable lqr 483 accept lqr |
| 484 | 484 |
| 485direct-server: 486 set timeout 0 487 set lqrperiod 10 488 set log Phase LQM 489 set ifaddr 10.0.4.1 10.0.4.2 490 enable lqr 491 accept lqr 492 --- 69 unchanged lines hidden (view full) --- 562inet-loop: 563 set timeout 0 564 set log phase chat connect lcp ipcp command 565 set device localhost:ppploop 566 set dial 567 set login 568 set ifaddr 127.0.0.2 127.0.0.3 569 set server /var/run/ppp/loop "" 0177 | 485direct-server: 486 set timeout 0 487 set lqrperiod 10 488 set log Phase LQM 489 set ifaddr 10.0.4.1 10.0.4.2 490 enable lqr 491 accept lqr 492 --- 69 unchanged lines hidden (view full) --- 562inet-loop: 563 set timeout 0 564 set log phase chat connect lcp ipcp command 565 set device localhost:ppploop 566 set dial 567 set login 568 set ifaddr 127.0.0.2 127.0.0.3 569 set server /var/run/ppp/loop "" 0177 |
| 570 | 570 |
| 571inet-loop-in: 572 set timeout 0 573 set log phase lcp ipcp command 574 allow mode direct 575 576# Example of a VPN. 577# If you're going to create a tunnel through a public network, your VPN 578# should be set up something like this: --- 103 unchanged lines hidden (view full) --- 682 load loop 683 set device /dev/cuaa0 /dev/cuaa1 /dev/cuaa2 # Use any of these devices 684 set mode interactive 685 set mrru 1500 686 set mru 1504 # Room for the MP header 687 clone 1 2 3 688 link deflink remove 689 # dial | 571inet-loop-in: 572 set timeout 0 573 set log phase lcp ipcp command 574 allow mode direct 575 576# Example of a VPN. 577# If you're going to create a tunnel through a public network, your VPN 578# should be set up something like this: --- 103 unchanged lines hidden (view full) --- 682 load loop 683 set device /dev/cuaa0 /dev/cuaa1 /dev/cuaa2 # Use any of these devices 684 set mode interactive 685 set mrru 1500 686 set mru 1504 # Room for the MP header 687 clone 1 2 3 688 link deflink remove 689 # dial |
| 690 # link 2 dial 691 # link 3 dial | 690 # link 2 dial 691 # link 3 dial |
| 692 693mloop-in: 694 set timeout 0 # No idle timer 695 set log tun phase 696 allow mode direct 697 set mrru 1500 698 set mru 1504 # Room for the MP header 699 --- 75 unchanged lines hidden (view full) --- 775# If you want to test concurrency, try using ``ppp -dd loop'' instead. 776# 777loop: 778 set timeout 0 779 set log 780 set device "!ppp -direct loop-in" 781 set dial 782 set login | 692 693mloop-in: 694 set timeout 0 # No idle timer 695 set log tun phase 696 allow mode direct 697 set mrru 1500 698 set mru 1504 # Room for the MP header 699 --- 75 unchanged lines hidden (view full) --- 775# If you want to test concurrency, try using ``ppp -dd loop'' instead. 776# 777loop: 778 set timeout 0 779 set log 780 set device "!ppp -direct loop-in" 781 set dial 782 set login |
| 783 set ifaddr 10.0.1.1/0 10.0.10.1-10.0.19.255 | 783 set ifaddr 10.0.1.1/0 10.0.10.1-10.0.19.255 |
| 784 disable deflate pred1 mppe 785 deny deflate pred1 mppe | 784 disable deflate pred1 mppe 785 deny deflate pred1 mppe |
| 786 | 786 |
| 787loop-in: 788 set timeout 0 789 set log 790 allow mode direct 791 set ifaddr 10.0.10.1/0 10.0.1.1-10.0.9.255 792 disable deflate pred1 mppe 793 deny deflate pred1 mppe | 787loop-in: 788 set timeout 0 789 set log 790 allow mode direct 791 set ifaddr 10.0.10.1/0 10.0.1.1-10.0.9.255 792 disable deflate pred1 mppe 793 deny deflate pred1 mppe |