Наши партнеры

Книги по Linux (с отзывами читателей)

Библиотека сайта rus-linux.net

Next: The Point-to-Point Protocol Up: Serial Line IP Previous: mode and default

Running in Server Mode

Setting up your SLIP client was the hard part. Doing the opposite, namely configuring your host to act as a SLIP server, is much easier.

One way to do this is to to use dip in server mode, which can be achieved by invoking it as diplogin. Its main configuration file is /etc/diphosts, which associates login names with the address this host is assigned. Alternatively, you can also use sliplogin, a BSD-derived tool that features a more flexible configuration scheme that lets you execute shell scripts whenever a host connects and disconnects. It is currently at Beta.

Both programs require that you set up one login account per SLIP client. For instance, assume you provide SLIP service to Arthur Dent at dent.beta.com, you might create an account named dent by adding the following line to your passwd file:

           dent:*:501:60:Arthur Dent's SLIP account:/tmp:/usr/sbin/diplogin

Afterwards, you would set dent's password using the passwd utility.

Now, when dent logs in, dip will start up as a server. To find out if he is indeed permitted to use SLIP, it will look up the user name in /etc/diphosts. This file details the access rights and connection parameter for each SLIP user. A sample entry for dent could look like this:

           dent::dent.beta.com:Arthur Dent:SLIP,296

The first of the colon-separated fields is the name the user must log in as. The second field may contain an additional password (see below). The third is the hostname or IP-address of the calling host. Next comes an informational field without any special meaning (yet). The last field describes the connection parameters. This is a comma-separated list specifying the protocol (currently one of SLIP or CSLIP), followed by the MTU.

When dent logs in, diplogin extracts the information on him from the diphosts file, and, if the second field is not empty, prompts for an ``external security password''. The string entered by the user is compared to the (unencrypted) password from diphosts. If they do not match, the login attempt is rejected.

Otherwise, diplogin proceeds by flipping the serial line to CSLIP or SLIP mode, and sets up the interface and route. This connection remains established until the user disconnects and the modem drops the line. diplogin will then return the line to normal line discipline, and exit.

diplogin requires super-user privilege. If you don't have dip running setuid root, you should make diplogin a separate copy of dip instead of a simple link. diplogin can then safely be made setuid, without affecting the status of dip itself.


Next: The Point-to-Point Protocol Up: Serial Line IP Previous: mode and default

Andrew Anderson
Thu Mar 7 23:22:06 EST 1996