PPPD and idle counter!

Dear all,

I have set up a RH9 linux box as my home gw to the internet (it is also
print server, ntp server, etc...)

I can not figure out one thing. The man pages for pppd 2.4.1 say that the
<active-filter> "This option is currently only available under NetBSD,
and then only if both the kernel and pppd were compiled with PPP_FILTER
defined."

OK then. How do I make ppp drop the connection if all my PCs in the internal
network are shut? tcpdump reports any kind of broadcast traffic on the ppp0
interface coming from the ISP (including OSPF multicasts)

I could add a rule with iptables but that did not work. Would not the pppd
be the first to peek up the incoming broadcast as traffic (thus reseting the
idle counter) before the packets are filtered by any netfilter/iptables
rule?

How can I do that?

Sincerely
Theophanis

HAPPY NEW YEAR...........

On Fri, 02 Jan 2004 01:47:56 +0200, Theophanis Kontogiannis wrote:

> [...]
> OK then. How do I make ppp drop the connection if all my PCs in the
> internal network are shut? tcpdump reports any kind of broadcast traffic
> on the ppp0 interface coming from the ISP (including OSPF multicasts)
> [...]

There is a dial-on-demand option. Combined with the idle-timeout the
Internet connection should be up only if one of the computers needs it.

Dragan

Theophanis Kontogiannis <(E-Mail Removed)> wrote:

> I have set up a RH9 linux box as my home gw to the internet (it is also
> print server, ntp server, etc...)

> I can not figure out one thing. The man pages for pppd 2.4.1 say that the
> <active-filter> "This option is currently only available under NetBSD,
> and then only if both the kernel and pppd were compiled with PPP_FILTER
> defined."

The man pages are behind the code curve; the active-filter option works
for pppd 2.4.1 under Linux when compiled with PPP_FILTER defined.

> OK then. How do I make ppp drop the connection if all my PCs in the
> internal network are shut? tcpdump reports any kind of broadcast
> traffic on the ppp0 interface coming from the ISP (including OSPF
> multicasts)

Use the pppd idle option with the active-filter set to prevent inbound
traffic from resetting the idle timer (so that only outbound traffic
resets the timer).

> I could add a rule with iptables but that did not work. Would not
> the pppd be the first to peek up the incoming broadcast as traffic
> (thus reseting the idle counter) before the packets are filtered
> by any netfilter/iptables rule?

Correct.

> How can I do that?

See above. For active-filter examples see the web site in my signature.

--
Clifford Kite Email: "echo xvgr_yvahk-(E-Mail Removed)|rot13"
PPP-Q&A links, downloads: http://ckite.no-ip.net/