-This is the README file for ppp-2.3, a package which implements the
+This is the README file for ppp-2.4, a package which implements the
Point-to-Point Protocol (PPP) to provide Internet connections over
serial lines.
The Point-to-Point Protocol (PPP) provides a standard way to establish
a network connection over a serial link. At present, this package
supports IP and the protocols layered above IP, such as TCP and UDP.
-The Linux port of this package also has support for IPX.
+The Linux and Solaris ports of this package have optional support for
+IPV6; the Linux port of this package also has support for IPX.
This software consists of two parts:
- Kernel code, which establishes a network interface and passes
packets between the serial port, the kernel networking code and the
PPP daemon (pppd). This code is implemented using STREAMS modules on
-SunOS 4.x, Solaris 2.x, System V Release 4, and OSF/1, and as a
-line discipline under Ultrix, NextStep, NetBSD, FreeBSD, and Linux.
+SunOS 4.x and Solaris, and as a line discipline under Linux and FreeBSD.
- The PPP daemon (pppd), which negotiates with the peer to establish
the link and sets up the ppp network interface. Pppd includes support
for authentication, so you can control which other systems may make a
PPP connection and what IP addresses they may use.
+The primary platforms supported by this package are Linux and Solaris.
+Code for SunOS 4.x is included here but is largely untested. I have
+code for NeXTStep, FreeBSD, SVR4, Tru64 (Digital Unix), AIX and Ultrix
+but no active maintainers for these platforms. Code for all of these
+except AIX is included in the ppp-2.3.11 release.
+
Installation.
*************
files, are:
Linux README.linux
- Solaris 2 README.sol2
- Digital Unix (OSF/1) README.osf
- NetBSD, FreeBSD README.bsd
- NeXTStep README.next
+ Solaris README.sol2
SunOS 4.x README.sunos4
- System V Release 4 README.svr4
- Ultrix 4.x README.ultrix
-
-In fact, only the Linux and Solaris 2 ports have been tested in this
-release. Code for the other systems is still included; if you use it,
-let me know how it works. If I don't hear from anyone it will
-probably get dropped in a subsequent release. AIX 4 is no longer
-supported, since I don't have a maintainer for the AIX 4 port. If you
-want to volunteer, contact me.
In each case you start by running the ./configure script. This works
out which operating system you are using and creates symbolic links to
user-level code, and (as root) `make install' to install the
user-level programs pppd, chat and pppstats.
-The procedures for installing the kernel code vary from system to
-system. On some systems, the kernel code can be loaded into a running
-kernel using a `modload' facility. On others, the kernel image has to
-be recompiled and the system rebooted. See the README.* files for
-details.
-
N.B. Since 2.3.0, leaving the permitted IP addresses column of the
pap-secrets or chap-secrets file empty means that no addresses are
permitted. You need to put a "*" in that column to allow the peer to
authenticating itself to you, of course.)
-What's new in ppp-2.3.10.
-*************************
-
-* Pppd now supports `plugins', which are pieces of code (packaged as
- shared libraries) which can be loaded into pppd at runtime and which
- can affect its behaviour. The intention is that plugins provide a
- way for people to customize the behaviour of pppd for their own
- needs without needing to change the base pppd source. I have added
- some hooks into pppd (places where pppd will call a function
- pointer, if non-zero, to replace some of pppd's code) and I will be
- receptive to suggestions about places to add more hooks. Plugins
- are supported under Linux and Solaris at present.
-
-* We have a new maintainer for the Solaris port, Adi Masputra of Sun
- Microsystems, and he has updated the Solaris port so that it should
- work on 64-bit machines under Solaris 7 and later.
-
-* Pppd now has an `allow-ip' option, which takes an argument which is
- an IP address (or subnet) which peers are permitted to use without
- authenticating themselves. The argument takes the same form as each
- element of the allowed IP address list in the secrets files. The
- allow-ip option is privileged and may be specified multiple times.
- Using the allow-ip option should be cleaner than putting a line like
- `"" * "" address' in /etc/ppp/pap-secrets.
-
-* Chat can now substitute environment variables into the script. This
- is enabled by the -E flag. (Thanks to Andreas Arens for the patch.)
-
-* If the PAP username and password from the peer contains unprintable
- characters, they will be translated to a printable form before
- looking in the pap-secrets file. Characters >= 0x80 are translated
- to a M- form, and characters from 0 to 0x1f (and 0x7f as well) are
- translated to a ^X form. If this change causes you grief, let me
- know what would be a better translation. It appears that some peers
- send nulls or other control characters in their usernames and
- passwords.
-
-* Pppd has new `ktune' and `noktune' options, which enable/disable
- it to change kernel settings as appropriate. This is only
- implemented under Linux, and requires the /proc filesystem to be
- mounted. Under Linux, with the ktune option, pppd will enable IP
- forwarding in the kernel if the proxyarp option is used, and will
- enable the dynamic IP address kernel option in demand mode if the
- local IP address changes.
-
-* Pppd no longer requires a remote address to be specified for demand
- dialling. If none is specified, it will use a default value of
- 10.112.112.112+unit_number. (It will not propose this default to
- the peer.)
-
-* The default holdoff is now 0 if no connect script is given.
-
-* The IPV6 code from Tommi Komulainen, which I unfortunately only
- partially merged in to ppp-2.3.9, has been fixed and updated.
-
-* The linux compilation glitches should be fixed now.
-
-
-What was new in ppp-2.3.9.
-**************************
-
-* Support for the new generic PPP layer under development for the
- Linux kernel.
-
-* You can now place extra options to apply to specific users at the
- end of the line with their password in the pap-secrets or
- chap-secrets file, separated from the IP address(es) with a "--"
- separator. These options are parsed after the peer is authenticated
- but before network protocol (IPCP, IPXCP) or CCP negotiation
- commences.
-
-* Pppd will apply the holdoff period if the link was terminated by the
- peer. It doesn't apply it if the link was terminated because the
- local pppd thought it was idle.
-
-* Synchronous support for Solaris has been added, thanks to John
- Morrison, and for FreeBSD, thanks to Paul Fulghum.
-
-* IPV6 support has been merged in, from Tommi Komulainen. At the
- moment it only supports Linux and it is not tested by me.
-
-* The `nodefaultip' option can be used in demand mode to say that pppd
- should not suggest its local IP address to the peer.
-
-* The `init' option has been added; this causes pppd to run a script
- to initialize the serial device (e.g. by sending an init string to
- the modem). Unlike the connect option, this can be used in a
- dial-in situation. (Thanks to Tobias Ringstrom.)
-
-* There is a new `logfile' option to send log messages to a file as
- well as syslog.
-
-* There is a new, privileged `linkname' option which sets a logical
- name for the link. Pppd will create a /var/run/ppp-<linkname>.pid
- file containing its process ID.
-
-* There is a new `maxfail' option which specifies how many consecutive
- failed connection attempts are permitted before pppd will exit. The
- default value is 10, and 0 means infinity. :-)
-
-* Sundry bugs fixed.
-
-
-What was new in ppp-2.3.8.
-**************************
-
-* The exit status of pppd will now indicate whether the link was
- successfully established, or if not, what error was encountered.
-
-* Pppd has two new options: fdlog <n> will send log messages to file
- descriptor <n> instead of standard output, and nofdlog will stop log
- messages from being sent to any file descriptor (they will still be
- sent to syslog). Pppd now will not send log messages to a file
- descriptor if the serial port is open on that file descriptor.
-
-* Pppd sets an environment variable called PPPLOGNAME for scripts that
- it runs, indicating the login name of the user who invoked pppd.
-
-* Pppd sets environment variables CONNECT_TIME, BYTES_SENT and
- BYTES_RCVD for the ip-down and auth-down scripts indicating the
- statistics for the connection just terminated. (CONNECT_TIME is in
- seconds.)
-
-* If the user has the serial device open on standard input and
- specifies a symbolic link to the serial device on the command line,
- pppd will detect this and behave correctly (i.e. not detach from its
- controlling terminal). Furthermore, if the serial port is open for
- reading and writing on standard input, pppd will assume that it is
- locked by its invoker and not lock it itself.
-
-* Chat now has a feature where if a string to be sent begins with an
- at sign (@), the rest of the string is taken as the name of a file
- (regular file or named pipe), and the actual string to send is taken
- from that file.
-
-* Support for FreeBSD-2.2.8 and 3.0 has been added, thanks to Paul
- Fulghum.
-
-* The Tru64 (aka Digital Unix aka OSF/1) port has been updated.
-
-* The system panics on Solaris SMP systems related to PPP connections
- being established and terminated should no longer occur.
-
-* Fixed quite a few bugs.
-
-
-What was new in ppp-2.3.7.
-**************************
-
-* Pppd can now automatically allocate itself a pseudo-tty to use as
- the serial device. This has made three new options possible:
-
- - `pty script' will run `script' with its standard input and output
- connected to the master side of the pty. For example:
- pppd pty 'ssh -t server.my.net pppd'
- is a basic command for setting up a PPP link (tunnel) over ssh.
- (In practice you may need to specify other options such as IP
- addresses, etc.)
-
- - `notty' tells pppd to communicate over its standard input and
- output, which do not have to be a terminal device.
-
- - `record filename' tells pppd to record all of the characters sent
- and received over the serial device to a file called `filename'.
- The data is recorded in a tagged format with timestamps, which can
- be printed in a readable form with the pppdump program, which is
- included in this distribution.
-
-* Pppd now logs the connect time and number of bytes sent and received
- (at the level of the serial device) when the connection is
- terminated.
-
-* If you use the updetach or nodetach option, pppd will print its
- messages to standard output as well as logging them with syslog
- (provided of course pppd isn't using its standard input or output as
- its serial device).
-
-* There is a new `privgroup groupname' option (a privileged option).
- If the user running pppd is in group `groupname', s/he can use
- privileged options without restriction.
-
-* There is a new `receive-all' option, which causes pppd to accept all
- control characters, even the ones that the peer should be escaping
- (i.e. the receive asyncmap is 0). This is useful with some buggy
- peers.
-
-* The default asyncmap is now 0.
-
-* There is a new `sync' option, currently only implemented under
- Linux, which allows pppd to run on synchronous HDLC devices.
-
-* If a value for the device name or for the connect, disconnect,
- welcome or pty option is given in a privileged option file
- (i.e. /etc/ppp/options or a file loaded with the `call' option), it
- cannot be overridden by a non-privileged user.
-
-* Many bugs have been fixed, notably:
- - signals are not blocked unnecessarily, as they were in 2.3.6.
- - the usepeerdns option should work now.
- - the SPEED environment variable for scripts is set correctly.
- - the /etc/ppp/auth-down script is not run until auth-up completes.
- - the device is opened as root if it is the device on standard
- input.
- - pppd doesn't die with the ioctl(PPPIOCSASYNCMAP) error under linux
- if a hangup occurs at the wrong time.
-
-* Some error messages have been changed to be clearer (I hope :-)
-
-
-What was new in ppp-2.3.6.
-**************************
-
-* Pppd now opens the tty device as the user (rather than as root) if
- the device name was given by the user, i.e. on the command line or
- in the ~/.ppprc file. If the device name was given in
- /etc/ppp/options or in a file loaded with the `call' option, the
- device is opened as root.
-
-* The default behaviour of pppd is now to let a peer which has not
- authenticated itself (e.g. your ISP) use any IP address to which the
- system does not already have a route. (This is currently only
- supported under Linux, Solaris and Digital Unix; on the other
- systems, the peer must now authenticate itself unless the noauth
- option is used.)
-
-* Added new option `usepeerdns', thanks to Nick Walker
- <nickwalker@email.com>. If the peer supplies DNS addresses, these
- will be written to /etc/ppp/resolv.conf. The ip-up script can then
- be used to add these addresses to /etc/resolv.conf if desired (see
- the ip-up.local.add and ip-down.local.add files in the scripts
- directory).
-
-* The Solaris ppp driver should now work correctly on SMP systems.
-
-* Minor corrections so that the code can compile under Solaris 7,
- and under Linux with glibc-2.1.
-
-* The Linux kernel driver has been restructured for improved
- performance.
-
-* Pppd now won't start the ip-down script until the ip-up script has
- finished.
-
+What's new in ppp-2.4.2.
+************************
-What was new in ppp-2.3.5.
-**************************
+* Support for MS-CHAP v2 authentication, plus support for
+ authenticating the peer with MS-CHAP v1 or v2.
-* Minor corrections to the Digital UNIX and NetBSD ports.
+* MPPE
-* A workaround to avoid tickling a bug in the `se' serial port driver
-on Sun PCI Ultra machines running Solaris.
+* CBCP updates
-* Fixed a bug in the negotiation of the Microsoft WINS server address
-option.
+* EAP
-* Fixed a bug in the Linux port where it would fail for kernel
-versions above 2.1.99.
+* PPPOE
+* Password-via-pipe plugin
-What was new in ppp-2.3.4.
-**************************
+* Solaris updates
-* The NeXT port has been updated, thanks to Steve Perkins.
+* ECP
-* ppp-2.3.4 compiles and works under Solaris 2.6, using either gcc or
-cc.
+* Radius plugin code included
-* With the Solaris, SVR4 and SunOS ports, you can control the choice
-of C compiler, C compiler options, and installation directories by
-editing the svr4/Makedefs or sunos4/Makedefs file.
+* Extra hooks for plugins
-* Until now, we have been using the number 24 to identify Deflate
-compression in the CCP negotiations, which was the number in the draft
-RFC describing Deflate. The number actually assigned to Deflate is
-26. The code has been changed to use 26, but to allow the use of 24
-for now for backwards compatibility. (This can be disabled with the
-`nodeflatedraft' option to pppd.)
+* maxoctets option
-* Fixed some bugs in the linux driver and deflate compressor which
-were causing compression problems, including corrupting long
-incompressible packets sometimes.
+* ipcp-no-addresses and ipcp-no-address options
-* Fixes to the PAM and shadow password support in pppd, from Al
-Longyear and others.
+* remotenumber and allow-number options
-* Pppd now sets some environment variables for scripts it invokes
-(ip-up/down, auth-ip/down), giving information about the connection.
-The variables it sets are PEERNAME, IPLOCAL, IPREMOTE, UID, DEVICE,
-SPEED, and IFNAME.
+* lock filename changes?
-* Pppd now has an `updetach' option, which will cause it to detach
-from its controlling terminal once the link has come up (i.e. once it
-is available for IP traffic).
+* Fixed several bugs, including potential buffer overflows in chat.
-What was new in ppp-2.3.3.
+What was new in ppp-2.4.1.
**************************
-* Fixed compilation problems under SunOS.
-
-* Fixed a bug introduced into chat in 2.3.2, and compilation problems
-introduced into the MS-CHAP implementation in 2.3.2.
+* Pppd can now print out the set of options that are in effect. The
+ new `dump' option causes pppd to print out the option values after
+ option parsing is complete. The `dryrun' option causes pppd to
+ print the options and then exit.
-* The linux kernel driver has been updated for recent 2.1-series
-kernel changes, and it now will ask kerneld to load compression
-modules when required, if the kernel is configured to support kerneld.
+* The option parsing code has been fixed so that options in the
+ per-tty options file are parsed correctly, and don't override values
+ from the command line in most cases.
-* Pppd should now compile correctly under linux on systems with glibc.
+* The plugin option now looks in /usr/lib/pppd/<pppd-version> (for
+ example, /usr/lib/pppd/2.4.1b1) for shared objects for plugins if
+ there is no slash in the plugin name.
+* When loading a plugin, pppd will now check the version of pppd for
+ which the plugin was compiled, and refuse to load it if it is
+ different to pppd's version string. To enable this, the plugin
+ source needs to #include "pppd.h" and have a line saying:
+ char pppd_version[] = VERSION;
-What was new in ppp-2.3.2.
-**************************
+* There is a bug in zlib, discovered by James Carlson, which can cause
+ kernel memory corruption if Deflate is used with the lowest setting,
+ 8. As a workaround pppd will now insist on using at least 9.
-* In 2.3.1, I made a change which was intended to make pppd able to
-detect loss of CD during or immediately after the connection script
-runs. Unfortunately, this had the side-effect that the connection
-script wouldn't work at all on some systems. This change has been
-reversed.
+* Pppd should compile on Solaris and SunOS again.
-* Fix compilation problems in the Linux kernel driver.
+* Pppd should now set the MTU correctly on demand-dialled interfaces.
-What was new in ppp-2.3.1.
+What was new in ppp-2.4.0.
**************************
-* Enhancements to chat, thanks to Francis Demierre. Chat can now
-accept comments in the chat script file, and has new SAY, HANGUP,
-CLR_ABORT and CLR_REPORT keywords.
-
-* Fixed a bug which causes 2.3.0 to crash Solaris systems.
-
-* Bug-fixes and restructuring of the Linux kernel driver.
-
-* The holdoff behaviour of pppd has been changed slightly: now, if
-the link comes up for IP (or other network protocol) traffic, we
-consider that the link has been successfully established, and don't
-enforce the holdoff period after the link goes down.
+* Multilink: this package now allows you to combine multiple serial
+ links into one logical link or `bundle', for increased bandwidth and
+ reduced latency. This is currently only supported under the
+ Linux-2.3.99pre5 or later kernels.
-* Pppd should now correctly wait for CD (carrier detect) from the
-modem, even when the serial port initially had CLOCAL set, and it
-should also detect loss of CD during or immediately after the
-connection script runs.
+* All the pppd processes running on a system now write information
+ into a common database. I used the `tdb' code from samba for this.
-* Under linux, pppd will work with older 2.2.0* version kernel
-drivers, although demand-dialling is not supported with them.
-
-* Minor bugfixes for pppd.
-
-
-What was new in ppp-2.3.
-************************
+* New hooks have been added.
-* Demand-dialling. Pppd now has a mode where it will establish the
-network interface immediately when it starts, but not actually bring
-the link up until it sees some data to be sent. Look for the demand
-option description in the pppd man page. Demand-dialling is not
-supported under Ultrix or NeXTStep.
-
-* Idle timeout. Pppd will optionally terminate the link if no data
-packets are sent or received within a certain time interval.
-
-* Pppd now runs the /etc/ppp/auth-up script, if it exists, when the
-peer successfully authenticates itself, and /etc/ppp/auth-down when
-the connection is subsequently terminated. This can be useful for
-accounting purposes.
-
-* A new packet compression scheme, Deflate, has been implemented.
-This uses the same compression method as `gzip'. This method is free
-of patent or copyright restrictions, and it achieves better
-compression than BSD-Compress. It does consume more CPU cycles for
-compression than BSD-Compress, but this shouldn't be a problem for
-links running at 100kbit/s or less.
-
-* There is no code in this distribution which is covered by Brad
-Clements' restrictive copyright notice. The STREAMS modules for SunOS
-and OSF/1 have been rewritten, based on the Solaris 2 modules, which
-were written from scratch without any Clements code.
-
-* Pppstats has been reworked to clean up the output format somewhat.
-It also has a new -d option which displays data rate in kbyte/s for
-those columns which would normally display bytes.
-
-* Pppd options beginning with - or + have been renamed, e.g. -ip
-became noip, +chap became require-chap, etc. The old options are
-still accepted for compatibility but may be removed in future.
-
-* Pppd now has some options (such as the new `noauth' option) which
-can only be specified if it is being run by root, or in an
-"privileged" options file: /etc/ppp/options or an options file in the
-/etc/ppp/peers directory. There is a new "call" option to read
-options from a file in /etc/ppp/peers, making it possible for non-root
-users to make unauthenticated connections, but only to certain trusted
-peers. My intention is to make the `auth' option the default in a
-future release.
-
-* Several minor new features have been added to pppd, including the
-maxconnect and welcome options. Pppd will now terminate the
-connection when there are no network control protocols running. The
-allowed IP address(es) field in the secrets files can now specify
-subnets (with a notation like 123.45.67.89/24) and addresses which are
-not acceptable (put a ! on the front).
-
-* Numerous bugs have been fixed (no doubt some have been introduced :-)
-Thanks to those who reported bugs in ppp-2.2.
+For a list of the changes made during the 2.3 series releases of this
+package, see the Changes-2.3 file.
Compression methods.
If you find bugs in this package, please report them to the maintainer
for the port for the operating system you are using:
-Linux Paul Mackerras <Paul.Mackerras@cs.anu.edu.au>
-Solaris 2 Adi Masputra <adi.masputra@sun.com>
+Linux Paul Mackerras <paulus@linuxcare.com>
+Solaris James Carlson <james.d.carlson@east.sun.com>
SunOS 4.x Adi Masputra <adi.masputra@sun.com>
-Digital Unix (OSF/1) Sowmini Varadhan <varadhan@zk3.dec.com>
-NetBSD Matthew Green <mrg@eterna.com.au>
-FreeBSD Peter Wemm <peter@haywire.DIALix.COM>
-NeXTStep Steve Perkins <perkins@cps.msu.edu>
-System V Release 4 Matthias Apitz <Matthias.Apitz@SOFTCON.de>
-Ultrix 4.x Paul Mackerras (for want of anybody better :-)
Copyrights:
The primary site for releases of this software is:
- ftp://cs.anu.edu.au/pub/software/ppp/
+ ftp://ftp.samba.org/pub/ppp/
-($Id: README,v 1.21 1999/09/17 05:20:36 paulus Exp $)
+($Id: README,v 1.28 2003/05/01 12:43:16 paulus Exp $)
projects / ppp.git / blobdiff