# c-mserver config file # Charles P. Wright # cpwright@villagenet.com # Which interface does the server listen on . Default is 0.0.0.0:224, which # means the server listens on ALL interfaces on port 224. #listen_on = "192.168.1.1:224,192.168.1.1:222,127.0.0.1:224,127.0.0.1:222" listen_on = "192.168.1.1:224,127.0.0.1:224" #listen_on = "0.0.0.0:224,0.0.0.0:222" #listen_on = "0.0.0.0:224" # Do we fork into the background and close stdin, stdout, and sterr? demon = true # How many clients can we have waiting on the incoming queue before they get # locked out slimit = 15 # Should we disconnect if we are not currently serving any clients? zeroclientdisconnect = true # If there is more than one client is one of them allowed to hangup the # connection? multiclientkill = true # The location of the file containing the LICENSE that is returned by the # LICENSE command. You should have recieved a copy of the GPL with this # program. license = /usr/share/mserver/COPYING # The location of the file containing the version history that is returned by # the HISTORY command. history = /usr/share/mserver/ChangeLog # What version of getstat should we use? pppdlock, netdev, lockonly and # exitcode are your choices if you are using PPP then you should really use # pppdlock. If you have a weird method of connecting use netdev. If you want # to check if a file simply exists then use lockonly. Exitcode will execute a # program and if it returns the value in goodcode then the link will count as # being up. pppdpid will record the pid of pppd when it connects and ensures # that that process is still a pppd. stattype = pppdlock # Other stattype options: # stattype = netdev # stattype = exitcode # stattype = lockonly # stattype = pppdpid # What should pppdlock look for in /proc/net/dev? pppkey = "pppd" # What is the name of your interface that exists when and only when you are # connected? This can used for the stat check and it is used for the netload # feature. You can set this on a device by device basis. netdev = ppp0 # What file should we look for netdevices in? devfile = "/proc/net/dev" # What command should we use to check the link status? If the link is good # it should return 0, otherwise it should return a non-zero value. This is used # as the format string to snprintf, the %s will be replaced with the checkhost # which is defined below. linkcheck = "/bin/ping -c 1 %s" # This is for testing non-link dependent portions of the server. The linkhost # is ignored for this entry. # linkcheck = "/home/cpwright/src/mserver/fakelink/linkcheck %s" # What host should we make sure is active when performing a linkcheck? I # suggest using an IP number instead of a hostname to expedite the operation, # this gets performed a lot and the longer it takes for it to happen the more # frustrated a user will get. checkhost = "0.0.0.0" # Your ISP DNS IP, this is my choice to check # What code do we want our linkcheck command to return. This is most likely # zero. goodcode = 0 # What is the lockfile for your modem, dial out as normal and then look in # /var/lock # /var/lock/LCK..ttyS1 or /var/lock/LCK..modem for example lockfile = "/var/lock/LCK..ttyS1" # Where do pppd and chat spit out their messages? logfile = "/var/log/messages" # What machines are allowed to capture the modem? capture_ipallow = "127.0.0.1:192.168.1.*" # What machines are allowed to administer the server. I recommend you make # this a machine that only you have access to. The firewall (localhost) is # usually a good choice. You can disable this by setting it to 0.0.0.0 (I am # assuming no host will have that IP address). admin_ipallow = "127.0.0.1" # What users are allowed to administer the server. I would choose your account # but not root. Having the root password being transmitted over the network # can be a *really* bad thing. If you are using it on only loopback it isn't # as bad. admin_userallow = "root" # What machines are allowed to lock and unlock connections? lock_ipallow="192.168.1.*:127.0.0.1" # What users are allowed to lock and unlock connections? lock_userallow = "root" # Accept KILL requests when locked and kill connection when the last KILL lock # is released? lock_pendingkill = true # How fast is your modem, this is a hack so that it will return a value # for the connection speed. Eventually I might get this working correctly, # but my modem only returns 115200 (which is wrong). cspeed = 56000 # The default kill action, this must be a script that will kill your connection # regardless of which one is active, the default is internal and you probably # shouldn't change it kill = "internal" # The signal to use when killing PPPD for an internal shutdown method, you # need to preface it with a - since this is the second argument to the kill # command killsig = "-TERM" # How long will we try to look at the PPPD logfile before giving up? logtimeout = 120 # How long after doing something to the connection should we wait to try a # stat method? statwait = 2 # What should we do to parse the logfile to give interactive output? # Valid options are pppd, ipppd, pap, or none. parselog = pppd # Should we check for the speed, or just use the cspeed variable? # speedcheck = false speedsearch = true # What indicates a modem speed. This was originally hardcoded, most people # should not have a need to change it, but if your modem returns something # different you may need too. validspeed = "128000,112000,64000,57333,56000,54666,54667,54000,53333,52000,50666,50667,50000,49333,48000,46666,46667,46000,45333,44000,42666,42667,42000,41333,40000,38000,37333,36000,34000,34000,33333,32000,31200,28800,26400,24000,12600,19200,16800,14400,12000,9600,7200,4800,2400,1200,300,110,ARQ,V34,V90,LAPM,V42,V90,V120" # What should we look for in the logfile to decide what a (I)PPPD string is? # If you have a normal modem this is most probably "pppd[", however if you use # IPPPD this may be "pppd[" or "ipppd[". pppdstr = "pppd[" # What should we look for in the logfile to decide what a chat string is? # I don't know why you would want to change this, but put it in for # completeness since you can select the pppd string. chatstr = "chat[" # What is an identifying feature of your modems connect string. Most say # CONNECT, but I have been told CARRIER crops up as well. connectstr = "CONNECT" # What file contains the username/password combinations. It is in the format of # /etc/passwd. You might want to choose something else as your file since # transmitting unix passwords over the network in the clear is a bad thing. # You can use the provided authgen utility to setup an authorization file. authfile = "/etc/passwd" # Should we use shadow passwords? This requires that you run the daemon as # root and that you use the account names in /etc/passwd. This is probably # not as good as a separate authorization file because the passwords are being # sent over the network, but it is convenient. If you use this option the # authfile will be ignored and the server will use the functions in shadow.h! shadow = true # Should we use PAM (Pluggable Authentication Modules) to authenticate? This # If you use this option the authfile will be ignored and the server will use # the PAM system. This requires that you run the daemon as root and provide a # valid PAM configuration file for mserver. An example PAM file is # distributed with mserver, and is normally placed in /etc/pam.d/mserver. # This option is ignored if you compiled mserver without PAM support. # This option will take precedence over shadow, and any other authorization # configuration! pamauth = false # Should we allow only valid users to perform the who command? This in theory # could provide information to nasty people, but your blocking this port to the # outside world anyway (or you should be). whoauth = false # Require valid authentication to do any manipulations? (You can achieve this # that is * would be only validated users, not any user if set to true, # other wise anyone can dial!) reqauth = false # What script should we run just after a client connects? # The argument is the client hostname # clientup = "/usr/sbin/clientup" # What script should we run just after a client disconnects? # The argument is the client hostname # clientdown = "/usr/sbin/clientdown" # What script should we run just after a user authenticates? # The argument is the client hostname and username # authup = "/usr/sbin/authup" # What script should we run just after a client unauthenticates? # The argument is the client hostname and username # authdown = "/usr/sbin/authdown" # What script should we run after the link has been brought up? # This can be specified on a per connection basis. # The argument is the connection's name # linkup = "/usr/sbin/linkup" # What script should we run right before the link has been intentionally brought # down? # prekill = "/usr/sbin/prekill" # What script should we run after the link has been intentionally brought down? # linkdown = "/usr/sbin/linkdown" # how long do we allow a silent client ? (default = 0 = no timeout) client_timeout = 0 # Which connection do you want mserver to auto-dial? # comment this out if you don't want it to auto-dial. # autodial "ISP_Internet" # What are the names of our connections? The order that they are listed # is the order that LIST will use, the first one is the default connection # for some clients. cname = "ISP_Internet" # Actually Define our connections # What is the command you use to bring up the connection, this can be a script # or you can call pppd directly. # ASB_script = "/sbin/ifup asb" ISP_Internet_script = "/usr/sbin/ppp-go" # What IP addresses are allowed to manipulate this connection. You are allowed # up to 10 different masks separated by colons. You must either use the real # numbers or a '*' to match any in each quad. You must specify all of the quads# that is '*' wouldn't work but '*.*.*.*' would. # ASB_ipallow = "192.168.1.*:127.0.0.1" ISP_Internet_ipallow = "192.168.1.*:127.0.0.1" # What users are allowed to dial out this connection? "*" or "" will allow any # user to dial out, otherwise provide a comma separated list of users. # ASB_userallow = "cpwright,mswright,ehwright" # ISP_Internet_userallow = "*" # This is a string that is displayed when CINFO is called, it isn't actually # used for any dialing, but just for cosmetics. The clients may eventually # depend on this so I suggest setting it. # ASB_info = "America's Suggestion Box" ISP_Internet_info = "Your ISP Info" # The internal kill method is much more reliable unless you have something wierd# you should really use it! # ASB_kill = "/sbin/ifdown asb" ISP_Internet_kill = "/usr/sbin/ppp-off" # The per connection netdev, this is only needed for the netdev stat method # it defaults to the value of netdev. # ASB_netdev = "ppp0" ISP_netdev = "ppp0" # The per connection checkhost, this is only needed for the exitcode stat method # it defaults to the value of checkhost. # ASB_checkhost = "164.254.128.5" ISP_checkhost = "0.0.0.0" # Your ISP DNS or Proxy IP # Which method of parsing the logfile should we use for this connection? # ASB_parselog = "pap" ISP_parselog = "pppd" # What users are allowed to do what? userallow = "root" # This guy can do anything userallow_connect = "*" # Anyone can connect userallow_disconnect = "*" # Anyone can disconnect