controlling connection - PPP

This is a discussion on controlling connection - PPP ; Hi, Is there a way to enforce stopping linux ppp connection after a fixed time period as my idle time disconnect parameter is being defeated by port scanning.... Thanks Berni Elbourn...

+ Reply to Thread
Results 1 to 4 of 4

Thread: controlling connection

  1. controlling connection

    Hi,

    Is there a way to enforce stopping linux ppp connection after a fixed
    time period as my idle time disconnect parameter is being defeated by
    port scanning....

    Thanks

    Berni Elbourn


  2. Re: controlling connection

    On Mon, 08 Sep 2003 17:44:41 +0100, Berni Elbourn wrote:
    >
    >
    > Hi,
    >
    > Is there a way to enforce stopping linux ppp connection after a fixed
    > time period as my idle time disconnect parameter is being defeated by
    > port scanning....
    >
    > Thanks
    >
    > Berni Elbourn
    >



    Maybe you could have a script like the following run:

    while true ; do

    if X | grep Y ; then

    sleep n

    killall Z

    else sleep 10

    fi

    done


    where X was a utility whose output included the information about the
    state of the interface/port

    and Y was the specific information on that port's state

    n was the number of seconds to keep the interface/port up

    and Z was the specific command to kill the interface.


    This would be a sort-of daemon, checking every 10 seconds to see if the
    connection was up, and if so, killing it after n seconds.

    On my simple system it would be:

    while true ; do

    if ps a | grep [p]ppd ; then

    sleep n

    killall pppd

    else sleep 10

    fi

    done


    Hope this gives you some ideas, Berni.



    Alan C


    --

    take control of your mailbox ----- elrav1 ----- http://tinyurl.com/l55a



  3. Re: controlling connection

    Hi Clifford,

    you wrote:
    > Adding the pppd option
    > active-filter 'outbound'
    > will prevent all in-bound traffic from resetting the pppd idle timer.


    Did you try this? When giving the 'outbound' expression to tcpdump it
    gives:
    tcpdump: inbound/outbound not supported on linktype 113

    When looking into the source this is caused by the fact libpcap does
    uses a PF_PACKET socket on linux which does not provide a in-/outbound
    notification inside of the packet data and BPF only able to act on the
    packet data not on data supplied out-of-band.


    Michael

    --
    Linux@TekXpress
    http://www-users.rwth-aachen.de/Mich...kxp/tekxp.html

  4. Re: controlling connection

    Hi Clifford,

    you wrote:
    > > When looking into the source this is caused by the fact libpcap does
    > > uses a PF_PACKET socket on linux which does not provide a in-/outbound
    > > notification inside of the packet data and BPF only able to act on the
    > > packet data not on data supplied out-of-band.

    >
    > Interesting, I just supposed that tcpdump itself omitted that support.
    > Also pppd 2.4.1 and 2.4.2b3 seem to use libpcap. ?


    I looked into it now. Yes, pppd does use libpcap. But not its functions
    to snoop the packets since it does get them anyway. So pppd can
    circumvent the problem caused by using the PF_PACKET socket.


    Michael

    --
    Linux@TekXpress
    http://www-users.rwth-aachen.de/Mich...kxp/tekxp.html

+ Reply to Thread