I configured a ppp-over-ssh vpn, by bringing up a new ppp interface to a remote site, adding some static routes, and inserting a firewall rule that allows traffic via the new ppp interface.
It works - but only if I issue all commands manually in the right order.
However, it would be nice to create a script that can do the same automatically.
Such a script could look like this:
# Bring up the vpn link (i.e. create the new ppp interface) by pppd
/usr/sbin/pppd call vpn
# Run a script that adds my specific routes and inserts a rule into the firewall to allow traffic via the new interface
/usr/local/bin/vpn_addroute.sh
But the above script will not work: the vpn_addroute.sh script will not be run as long as the link is up (because pppd only finishes when the link is brought down).
Maybe I could do this:
/usr/sbin/pppd call vpn &
/usr/local/bin/vpn_addroute.sh
But, in this case, vpn_addroute.sh would be run in parallel with pppd, so how could it find out when the interface is FULLY brought up, I mean, when the /etc/ppp/ip-up script has finished running? (If the vpn_addroute.sh script inserts the firewall rule before the ip-up script called by pppd has finished, then the new firewall rule will be lost, because the standard ip-up script resets the firewall.)
Naturally, I could (maybe) modify the ip-up script, but I want a "clean" solution that does not modify any system scripts, only adds (or removes) some scripts or modifies some config files in order to bring up the link.
However, the ip-up.local script is always run, not only when I bring up the vpn. So it would also be run when I just dial in to my ISP, and that way the routes and the firewall rules could be attached to the wrong ppp interface.
To solve the problem, the ip-up.local script should behave differently when bringing up the link to my ISP and when I am bringing up the vpn.
So far I have no idea how the ip-up.local script could distinguish between these two cases.
Edit:
Problem solved: the ip-up.local script gets $REMOTEIP as a startup parameter, and that tells the ip-up.local script if it is to bring up the vpn or the link to my ISP.
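An ip-up.local along the lines of the solution above, as an added example that is not part of the original post. It assumes the distribution's ip-up forwards pppd's arguments unchanged (remote address as the fifth argument) and that the firewall is iptables; the peer address, route and rules are constructed values.

```shell
#!/bin/sh
# /etc/ppp/ip-up.local (added example; addresses and routes are constructed).
# Assumption: ip-up passes pppd's arguments through unchanged:
#   $1=interface $2=tty $3=speed $4=local-IP $5=remote-IP $6=ipparam

VPN_PEER_IP="192.0.2.1"        # constructed: remote end of the vpn ppp link
VPN_ROUTES="198.51.100.0/24"   # constructed: networks reached through the vpn

# Print the commands needed for this link; print nothing for any other link.
vpn_link_commands() {
    ifname=$1
    remote_ip=$2

    # Only the vpn peer address selects the vpn setup. The ISP link has a
    # different remote address and is left untouched.
    [ "$remote_ip" = "$VPN_PEER_IP" ] || return 0

    # Accept only names of the form pppN, so a route or firewall rule is
    # never attached to an unexpected interface name.
    suffix=${ifname#ppp}
    case $suffix in
        "$ifname"|''|*[!0-9]*) return 1 ;;
    esac

    for net in $VPN_ROUTES; do
        echo "ip route add $net dev $ifname"
    done
    # Assumed iptables rules allowing forwarded traffic over the vpn link.
    echo "iptables -I FORWARD -i $ifname -j ACCEPT"
    echo "iptables -I FORWARD -o $ifname -j ACCEPT"
}

# When invoked by ip-up with the full argument list, log and run each command.
if [ "$#" -ge 5 ]; then
    vpn_link_commands "$1" "$5" | while read -r cmd; do
        logger -t ip-up.local "running: $cmd"
        $cmd
    done
fi
```

Because ip-up.local runs at the end of ip-up, the rules are inserted after the standard script has reset the firewall, and the ISP dial-up link never matches the peer address check.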