Hi, On Wed, 1 Feb 2023 21:32:29 +0300 Vitaliy Makkoveev <m...@openbsd.org> wrote: > On Wed, Feb 01, 2023 at 09:00:13PM +0900, YASUOKA Masahiko wrote: >> ... >> >> But I think we should keep the part since it is needed when adding a >> tunneling protocol which is not supported by pipex, or running npppd >> on another OS. >> >> >> If having "pipex yes/no" configuration is misleading, we can improve >> >> the man page or the configuration itself. >> > >> > pipex yes | no >> > Specify whether npppd(8) uses pipex(4). The default is >> > “yes”. The sysctl(8) variable net.pipex.enable should >> > also be enabled to use pipex(4). >> > >> > There is no misleading. But with "pipex no" npppd(8) is usable with >> > pppac(4), but with pppx(4) it is not. Also, I don't like that it >> > successfully creates connection. Guess, it better to deny "pipex no" >> > for pppx(4). >> >> I agree both. >> > > So, deny "pipex no" for pppx(4) interfaces.
ok yasuoka Thanks, > Index: usr.sbin/npppd/npppd/npppd.conf.5 > =================================================================== > RCS file: /cvs/src/usr.sbin/npppd/npppd/npppd.conf.5,v > retrieving revision 1.30 > diff -u -p -r1.30 npppd.conf.5 > --- usr.sbin/npppd/npppd/npppd.conf.5 31 Mar 2022 17:27:30 -0000 1.30 > +++ usr.sbin/npppd/npppd/npppd.conf.5 1 Feb 2023 18:28:29 -0000 > @@ -362,6 +362,11 @@ variable > .Va net.pipex.enable > should also be enabled to use > .Xr pipex 4 . > +This value must be > +.Dq yes > +for > +.Xr pppx 4 > +interfaces. > .It Ic debug-dump-pktin Ar protocol ... > If this option is specified, > .Xr npppd 8 > Index: usr.sbin/npppd/npppd/parse.y > =================================================================== > RCS file: /cvs/src/usr.sbin/npppd/npppd/parse.y,v > retrieving revision 1.25 > diff -u -p -r1.25 parse.y > --- usr.sbin/npppd/npppd/parse.y 15 Oct 2021 15:01:28 -0000 1.25 > +++ usr.sbin/npppd/npppd/parse.y 1 Feb 2023 18:28:29 -0000 > @@ -924,6 +924,14 @@ bind : BIND TUNNEL FROM STRING AUTHENTI > free($9); > YYERROR; > } > + if (tunn->pipex == 0 && iface->is_pppx) { > + yyerror("pipex should be enabled for" > + " interface %s", $9); > + free($4); > + free($7); > + free($9); > + YYERROR; > + } > if ((n = malloc(sizeof(struct confbind))) == NULL) { > yyerror("out of memory"); > free($4); >