'Re: [PATCH] pppd/persist, linux 2.14.19+ - PPPIOCDETACH error'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-ppp
Subject:    Re: [PATCH] pppd/persist, linux 2.14.19+ - PPPIOCDETACH error
From:       Michael Tokarev <mjt () tls ! msk ! ru>
Date:       2003-01-27 6:27:41
[Download RAW message or body]

[Bringing up an old topic]

Paul Mackerras wrote at 04 Dec 2002:
> James Cameron writes:
> 
>>I no longer have any issues with your patch.
>>Now you need someone with CVS access to add it.  ;-)
> 
> 
> The better approach is not to use PPPIOCDETACH at all, just close the
> fd and reopen /dev/ppp.  I'll get on to it...

Would this cause new ppp unit to be allocated, thus using ppp1 on a
machine which previously had ppp0 only?  On a machines with a single
dialup connection, this will break scripts/firewalls/etc made with
assumtion that the unit will always be ppp0.  While scripts are easy
to dealt with since unit is passed into all scripts invoked by pppd
(well, mostly: it will be difficult to do some things from an external
script anyway, like a script that checks whenever ppp is up or not:
f.e. I have a script that checks /var/run/ppp0.pid before trying to
run pppd), but firewall isn't that easy: on dialout machine it should
be set up before IP is set up, and there is no way to do this currently,
not using ugly `-i ppp+'.

BTW, what's general recommendations for firewall setup with pppd?  When
an ip-up script is run, IP is already up, and if firewall is set up in
this script, there is a window when there is no firewall in place.  This
may be worked around by setting restrictive firewall (i.e. deny all) by
default and allowing packets in ip-up (and disallowing back in ip-down),
but this is raceful anyway, since there is no guarantee that ip-down
will be completed before new ip-up is run (after a redial) and vice
versa - if I'm not mistaken.

/mjt

P.S. 2.4.19 came out quite some time ago, bringing up this issue which
is still unresolved and asked about in many mailinglists etc - just
google for PPPIOCDETACH to see how many users are asking this all the
time...  Is there a "semi-official" patch for this very issue?

-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic