Quickly perused the diald-examples man...I just happen to have it on a
machine here at the office (although I have no use for diald here).
Anyway...one last question...
I may have just missed this in my once-over of the man page...but rules are
parsed in order as they are in the file correct?...
so I could have a line like:
accept any 60 any
followed by:
ignore tcp tcp.dest=tcp.domain
ignore tcp tcp.source=tcp.domain
And diald would except any packets and ignore DNS packets...
whereas if I were to put:
ignore tcp tcp.dest=tcp.domain
ignore tcp tcp.source=tcp.domain
followed by:
accept any 60 any
DNS packets would be accepted...
----- Original Message -----
From: Mike Jagdis <[EMAIL PROTECTED]>
To: Sean M. Alderman <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, October 06, 1999 9:37 AM
Subject: Re: diald.conf specs...
> On Mon, 4 Oct 1999, Sean M. Alderman wrote:
>
> > Currently what happens is - from a non-dialed state, I issue a ping
> > www.freshmeat.net
> > Diald picks the line up and makes the connection, I get pings for a
while
> > (about 30 seconds) then the line hangs up....which the way I have it set
> > right now should happen (the disconnect I mean). However...from the
file I
> > have, I can't tell what I need to do to keep the connection alive if
icmp
> > packets are moving out over the connection...
>
> Normally icmp packets should be caught by the "accept any 30 any"
> rule at the end of the usual filter rules. If that isn't the case
> then either they are being caught by an earlier rule or diald
> doesn't actually believe the link has come up (which appears to
> be a frequent problem for people using RedHat for some strange
> reason - usually related to not having understood what a diald
> connect script does).
>
> If you prefer you can add a specific filter rule for icmp
> such as "keepup icmp 60 any".
>
> > What I'm looking for is a detailed doc on what the directives in the
> > diald.conf file are and do. What I'm curious about also, is whether or
not
> > I can add rules that are not covered in the configuration file...or
perhaps
> > make some rules more specific. So that I can set up diald to hold the
> > connection as long as packets for service ABC are flowing (where ABC is
any
> > service I specify), but it will only dial on a DNS lookup.
>
> See "man diald" and "man diald-examples". You can add whatever
> rules you like.
>
> Mike
>
> --
> .----------------------------------------------------------------------.
> | Mike Jagdis | Internet: [EMAIL PROTECTED] |
> | 280, Silverdale Road, Earley, | Voice: +44 118 926 6996 |
> | Reading RG6 7NU ENGLAND | Work: +44 118 989 0403 |
> `----------------------------------------------------------------------'
>
>
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
