[Q] PPP - ip-up.d
Drake Diedrich
dld at coyote.com.au
Mon Jun 10 17:19:59 EST 2002
On Mon, Jun 10, 2002 at 02:43:29PM +1000, Donovan J. Edye wrote:
> G'Day,
>
> Env: Debian -- Linux lisa 2.4.9 #8 Thu Oct 4 05:04:16 EST 2001 i686 unknown
>
> I want to take some action only when a particular connection is dialled. I
> realise I can use /etc/ppp/ip-up.d to run scripts I want, but how do I
> distinguish between:
>
> pon MyCon_One
> pon MyCon_Two
You can wrap what you want to happen in test on the various environment
variables. For instance:
#!/bin/sh -x
if [ "$PPP_TTY" = "/dev/ttyS1" ]; then
date >>/var/log/telstra.log
echo "Telstra link up - $PPP_IFACE" >>/var/log/telstra.log
echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -A input -j DENY -s 203.2.192.0/24 -l
ipchains -A input -j DENY -p udp -i $PPP_IFACE -d 0.0.0.0/0 route -l
ipchains -A output -j DENY -p udp -i $PPP_IFACE -s 0.0.0.0/0 route
ipchains -A input -j DENY -i $PPP_IFACE -d 10.0.0.0/8 -l
ipchains -A output -j DENY -i $PPP_IFACE -s 10.0.0.0/8
ipchains -A input -j DENY -i $PPP_IFACE -d 192.168.0.0/16 -l
ipchains -A output -j DENY -i $PPP_IFACE -s 192.168.0.0/16
ipchains -A input -j DENY -i $PPP_IFACE -d 172.16.0.0/12 -l
ipchains -A output -j DENY -i $PPP_IFACE -s 172.16.0.0/12
....
fi
variables exported to the ip-up.d scripts:
export PPP_IFACE PPP_TTY PPP_SPEED PPP_LOCAL PPP_REMOTE PPP_IPPARAM
export PPP_TTYNAME
In each of the peers/ files for each connection, you can specify an
ipparam 'something', then test in your ip-up.d files for
PPP_IPPARAM='something', or any of the other automatic variables.
More information about the linux
mailing list