On Fri, 16 Nov 2001, AD Marshall wrote:

>
> It's supposed to be. But, duh, I'll be danged if I've been able to
> figure it out so far, even after reading almost all of the man pages,
> latest howtos and tutorials. I've only got this one, for redhat 6.2,
> to go and I haven't had the nerve to dive into it yet:
> http://www-jerry.oit.duke.edu/linux/HOWTO/AAAfirewall_install_with_ppp_v62.html

My apologies if my suggestions are out of place as I've only cursorily
followed this thread.

When I did Dial on Demand (ppp) my preference was "diald", a tool I
would still recommend. Never had much success in getting pppd's DOD
working properly.

Another thought, IIRC ppp supports pre and post connection scripts
that, I think, were defined in /etc/ppp/options. Sorry, brain fade comes
on pretty quick when the T-1 gets installed and it just works all the
time.

And lastly a favour? Please have your email client enable word wrap at
72 characters. Generally it is a mail-list etiquette standard and it
does make it more difficult to provide a cogent reply. Thanks.

>
> >>I can't help much there as I don't use DOD. I did have it working a
> >>time or two though, and it seems like you have to specify some extra
> >>options (in addition to 'demand' and 'idle') in the ifcfg-ppp0 file.
> >>Seems like you've got to give it your ISP's IP addr--I can't remember.
> >>I think you also have to run 'ifup ppp?' to start pppd, so that it can
> >>listen for traffic. Does the PPP-Howto have anything to say about
> >>DOD?
> >>
> >>I never could quite get DOD to do what I wanted because there was
> >>always something bringing the link up when I didn't want it to. I run
> >>named and several other servers on my LAN, including Apache. Quite
> >>often, I or one of my users will load Netscape to look at a local
> >>document, and Netscape tries to connect to its home causing the link
> >>to come up. That kind of thing was always happening, so I disabled
> >>DOD. You might also be interested in diald. I can't remember the
> >>url, but I'm sure it's listed at freshmeat.
> >
> > I found that various things would cause spurious dialups. Microsoft
> > networking was the worst. I filtered this in the firewall.
> >
> > Windows also wants to check things in DNS periodically, so I added a
> > caching DNS server to my firewall. This was set up via the DNS-howto
> > as a caching server. The only change (aside from local names) was to
> > add the line
> > " forward only; // check local first, then forward (won't dial?)"
> > to the options section of the named.conf file. This should resolve
> > the name locally first, then dial out to resolve it if it is not in
> > the cache.

_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
