Close

Dial UP and PPP server in modern Linux

A project log for The RetroServer - Networking for old computers

A device that acts as a bridge between old and new computers. More simple that what is sounds.

LeonardoLeonardo 03/15/2017 at 18:272 Comments

This is really simple to do, at least in Debian Jessie.

Since the innittab file is gone, we setup mgetty as a service with systemd.

we create a service in /lib/systemd/system/mgetty.service

[Unit]
Description=Linea 1 Modem USB
Documentation=man:mgetty(8)
Requires=systemd-udev-settle.service
After=systemd-udev-settle.service

[Service]
Type=simple
ExecStart=/sbin/mgetty -x0 -s 57600 /dev/ttyUSB0
Restart=always
PIDFile=/var/run/mgetty.pid.ttyUSB0

[Install]
WantedBy=multi-user.target

then, standard setup:

systemctl start mgetty.service

systemctl enable mgetty.service

and last mgetty config

/etc/mgetty/mgetty.config

debug 5
port ttyUSB0
data-only y
toggle-dtr n

Now, PPP, this is also really simple.

After we install PPP, we edit the /etc/ppp/options

debug
login
default-asyncmap
require-pap
proxyarp
ktune
ms-dns 192.168.32.1

then create a device option file

/etc/ppp/options.ttyUSB0

local
lock
nocrtscts
192.168.32.1:192.168.32.105
netmask 255.255.255.0
debug
noauth

then we create the user and configure secrets.

useradd -G dialout,dip,users -d /home/dial -g users -s /usr/sbin/pppd dial

i did change this user password to "dial"

now we need to create the pap-secrets so we can authenticate with ppp: /etc/ppp/pap-secrets

dial * dial *

and last, at least for now, you enable packet forwarding for IP4 editing /etc/sysctl.conf

# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

with this you get networking working over serial, atleast with modem, haven't tested direct serial yet.

Discussions

Ruben.vallinga wrote 05/27/2018 at 20:15 point

Nice how-to! really helpful now most of the old how-to's don't work anymore. 

I am experiencing a number of problems. I can dial into the modem and see in the mgetty log that I am connected. Unfortunately I do not have access to internet, and no internet access on the raspberry anymore. When i disconnect the modem my raspberry has internet connection again. 

I can make internal connections, for example VNC (from the PC with dial out modem to the raspberry) and log in to the raspberry terminal. 

below you can see all my configuration files and log file.
my router has the ip address 10.0.1.1 and my raspberry 10.0.1.37

settings: 

/lib/systemd/system/mgetty.service

[Unit]

Description=Linea 1 Modem USB

Documentation=man:mgetty(8)

Requires=systemd-udev-settle.service

After=systemd-udev-settle.service

[Service]

Type=simple

ExecStart=/sbin/mgetty -x0 -s 115200 /dev/ttyUSB0

Restart=always

PIDFile=/var/run/mgetty.pid.ttyUSB0

[Install]

WantedBy=multi-user.target

/etc/mgetty/mgetty.config

debug 5

port ttyUSB0

data-only y

toggle-dtr n

/etc/ppp/options

debug

login

default-asyncmap

require-pap

proxyarp

ktune

ms-dns 10.0.1.1     (tried also google 8.8.8.8, didn't work too) 

/etc/ppp/options.ttyUSB0

local

lock

nocrtscts

10.0.1.1:10.0.1.50

netmask 255.255.255.0   

debug

noauth

/etc/ppp/pap-secrets

# This is a pap-secrets file to be used with the AUTO_PPP function of

# mgetty. mgetty-0.99 is preconfigured to startup pppd with the login option

# which will cause pppd to consult /etc/passwd (and /etc/shadow in turn)

# after a user has passed this file. Don't be disturbed therefore by the fact

# that this file defines logins with any password for users. /etc/passwd

# (again, /etc/shadow, too) will catch passwd mismatches.

#

# This file should block ALL users that should not be able to do AUTO_PPP.

# AUTO_PPP bypasses the usual login program so it's necessary to list all

# system userids with regular passwords here.

#

# ATTENTION: The definitions here can allow users to login without a

# password if you don't use the login option of pppd! The mgetty Debian

# package already provides this option; make sure you don't change that.

# INBOUND connections

# Every regular user can use PPP and has to use passwords from /etc/passwd

*       hostname        ""      *

# UserIDs that cannot use PPP at all. Check your /etc/passwd and add any

# other accounts that should not be able to use pppd!

("privacy")   *       ("privacy")      *

# OUTBOUND connections

# Here you should add your userid password to connect to your providers via

# PAP. The * means that the password is to be used for ANY host you connect

# to. Thus you do not have to worry about the foreign machine name. Just

# replace password with your password.

# If you have different providers with different passwords then you better

# remove the following line.

#       *       password

/etc/sysctl.conf

# /etc/sysctl.conf - Configuration file for setting system variables

# See /etc/sysctl.d/ for additional system variables.

# See sysctl.conf (5) for information.

#

#kernel.domainname = example.com

# Uncomment the following to stop low-level messages on console

#kernel.printk = 3 4 1 3

##############################################################3

# Functions previously found in netbase

#

# Uncomment the next two lines to enable Spoof protection (reverse-path filter)

# Turn on Source Address Verification in all interfaces to

# prevent some spoofing attacks

#net.ipv4.conf.default.rp_filter=1

#net.ipv4.conf.all.rp_filter=1

# Uncomment the next line to enable TCP/IP SYN cookies

# See http://lwn.net/Articles/277146/

# Note: This may impact IPv6 TCP sessions too

#net.ipv4.tcp_syncookies=1

# Uncomment the next line to enable packet forwarding for IPv4

#net.ipv4.ip_forward=1

net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6

#  Enabling this option disables Stateless Address Autoconfiguration

#  based on Router Advertisements for this host

#net.ipv6.conf.all.forwarding=1

###################################################################

# Additional settings - these settings can improve the network

# security of the host and prevent against some network attacks

# including spoofing attacks and man in the middle attacks through

# redirection. Some network environments, however, require that these

# settings are disabled so review and enable them as needed.

#

# Do not accept ICMP redirects (prevent MITM attacks)

#net.ipv4.conf.all.accept_redirects = 0

#net.ipv6.conf.all.accept_redirects = 0

# _or_

# Accept ICMP redirects only for gateways listed in our default

# gateway list (enabled by default)

# net.ipv4.conf.all.secure_redirects = 1

#

# Do not send ICMP redirects (we are not a router)

#net.ipv4.conf.all.send_redirects = 0

#

# Do not accept IP source route packets (we are not a router)

#net.ipv4.conf.all.accept_source_route = 0

#net.ipv6.conf.all.accept_source_route = 0

#

# Log Martian Packets

#net.ipv4.conf.all.log_martians = 1

data log mgetty: 

May 27 21:38:21 raspberrypi pppd[1147]: pppd 2.4.6 started by root, uid 0
May 27 21:38:21 raspberrypi pppd[1147]: Using interface ppp0
May 27 21:38:21 raspberrypi pppd[1147]: Connect: ppp0 <--> /dev/ttyUSB0
May 27 21:38:24 raspberrypi pppd[1147]: user modem logged in on tty ttyUSB0 intf ppp0
May 27 21:38:24 raspberrypi pppd[1147]: PAP peer authentication succeeded for modem
May 27 21:38:24 raspberrypi kernel: [10272.660734] PPP BSD Compression module registered
May 27 21:38:24 raspberrypi kernel: [10272.672007] PPP Deflate Compression module registered
May 27 21:38:24 raspberrypi pppd[1147]: found interface wlan0 for proxy arp
May 27 21:38:24 raspberrypi pppd[1147]: local  IP address 10.0.1.1
May 27 21:38:24 raspberrypi pppd[1147]: remote IP address 10.0.1.50
May 27 21:38:40 raspberrypi rsyslogd-2007: action 'action 17' suspended, next retry is Sun May 27 21:40:10 2018 [try http://www.rsyslog.com/e/2007 ]

internet connections: 

eth0      Link encap:Ethernet  HWaddr b8:27:eb:6a:92:45  
          inet6 addr: fe80::c29:dca7:11de:352b/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:849 errors:0 dropped:0 overruns:0 frame:0
          TX packets:849 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:148408 (144.9 KiB)  TX bytes:148408 (144.9 KiB)

ppp0      Link encap:Point-to-Point Protocol  
          inet addr:10.0.1.1  P-t-P:10.0.1.50  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:43 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3 
          RX bytes:3208 (3.1 KiB)  TX bytes:2248 (2.1 KiB)

wlan0     Link encap:Ethernet  HWaddr b8:27:eb:3f:c7:10  
          inet addr:10.0.1.37  Bcast:10.0.1.255  Mask:255.255.255.0
          inet6 addr: fe80::73d:fcbb:6308:5bed/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:69050 errors:0 dropped:0 overruns:0 frame:0
          TX packets:97882 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:8487324 (8.0 MiB)  TX bytes:89636292 (85.4 MiB)

I hope u can help me out, thanks!! 

  Are you sure? yes | no

Leonardo wrote 10/20/2018 at 00:41 point

Hi Ruben, sorry about the looong delay, but did not get any notification about this, do you still have the issue?

  Are you sure? yes | no