Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
SDN 101: An Introduction to Software Defined Networking
Discover the advantages of SDN.
SDN has quickly become one of the hottest trends in IT. But not all SDN solutions offer real software-defined functionality. As more enterprises consider SDN, they want to know, “What is SDN? And what are the real benefits?” If you're ready to explore the advantages of SDN, and want to know how it should be implemented within your enterprise, start by reading our introductory white paper.
Click Here to receive this Complete Guide absolutely free.
I configured a ppp-over-ssh vpn, by bringing up a new ppp interface to a remote site, adding some static routes, and inserting a firewall rule that allows traffic via the new ppp interface.
It works - but only if I issue all commands manually in the right order.
However, it would be nice to create a script that can do the same automatically.
A such script could look like this:
# Bring up the vpn link (i.e. create the new ppp interface) by pppd
/usr/sbin/pppd call vpn
# Run a script that adds my specific routes and inserts a rule into the firewall to allow traffic via the new interface
But the above script will not work: the vpn_addroute.sh script will not be run as long as the link is up (because pppd only finishes when the link is brought down).
Maybe I could do this:
/usr/sbin/pppd call vpn &
But, in this case, vpn_addroute.sh would be run in parallel with pppd, so, how could it find out when the interface is FULLY brought up, I mean, the /etc/ppp/ip-up script has finished running? ( if the vpn_addroute.sh script inserts the firewall rule before the ip-up script called by pppd has finished, then the new firewall rule will be lost because the standard ip-up script resets the firewall).
Naturally, I could (maybe) modify the ip-up script, but I want a "clean" solution that does not modify any system scripts, only adds (or removes) some scripts or modifies some config files in order to bring up the link.
However, the ip-up.local script is always run, not only when I bring up the vpn. So it would also be run when I just dial in to my ISP, and that way the routes and the firewall rules could be attached to the wrong ppp interface.
To solve the problem, the ip-up.local script should behave differently when bringing up the link to my ISP and when I bringing up the vpn.
So far I have no idea how the ip-up.local script could distinguish between these two cases.
Problem solved: the ip-up.local script gets $REMOTEIP as a startup parameter, and that tells the ip-up.local script if it is to bring up the vpn or the link to my ISP.