User PPP can be configured to wake up when a connected modem answers an incoming call. After successful authentication, the user is logged into your FBSD system. If this FBSD system also has public Internet access, then that user also has access to the public Internet. This function is commonly used to allow the owner of the system to use his FBSD system from a remote location, or to allow a friend to dial in so he can have free Internet access. This is like your FBSD system acting as a one user ISP. Technically you could have one modem for dial out to your ISP for a public Internet connection and up to 6 modems for incoming calls depending on how many PCI expansion slots there are on the motherboard and external serial com port nipples. Or you could have a PCI serial expansion board that shares one IRQ with up to 24 serial com nipples to service even more dial in phone lines. As a matter of fact, this is how the first ISP's did it in the early days.
It must be pointed out that the ‘incoming function’ does have one drawback. Since there is a sending voice modem calling a receiving voice modem directly, the connection is limited to a max connection speed of 33.6 under the best connections in the USA. This is because of FCC regulation limiting the voltage allowed on the copper wires of the public phone system. This will be true even with 56k modems at both ends. Other countries around the world like Hong Kong, South Africa, and some places in the old USSR who use the old British type voice phone system have higher line voltages and do get higher connection rates using 56k modems at both ends.
The ‘incoming function’ can be used without the ‘dial your ISP function’, like in the case where you have home cable or DSL access to the public Internet and you want to be able to call your home system from work to check your personal Email or to access the public Internet through your home system.
If you're adding the ‘incoming function’ to your ‘dial your ISP function’, it’s absolutely necessary that you have the user PPP ‘dial your ISP function’ tested and working first.
How ever you're going to use the ‘incoming function’, you must first follow the instructions at How to determine if FBSD found my modem at boot time? to verify the incoming modem is found and connected to your FBSD system.
If you want to use the ‘incoming function’ without the ‘dial your ISP function’, you have to uncomment the commented out statements located at the beginning of the following statements and create a /etc/ppp/ppp.conf file that only contains these statements.
If you are adding the ‘incoming function’ to your ‘dial your ISP function’ statements then you can delete the commented out statements located at the beginning of the following statements and add the remaining statements to the end of your current /etc/ppp/ppp.conf file.
Incoming connections are just like LAN connections. Private, non-routable IP addresses must be assigned to the connections. You can copy and paste directly from this web page html file.
#### start of section to process incoming modem call #########
#Section header names start in position 1 like incoming: section header
# All embedded commands start in position 2.
# If you are going to use the incoming function without the
# dial your ISP function, then you have to uncomment the
# following statements, otherwise you can delete all the
# commented out statements up to the
# incoming: section header statement.
#default: # section header name
# set log Phase Chat LCP IPCP CCP tun command #do logging
# set timeout 0 # no idle time, will not disconnect
# disable pred1 deflate lqr # compression features and
# deny pred1 deflate lqr # line quality reporting
incoming: # section header name
enable pap # uses ppp.secret file
# SECURITY WARNING - It is VITAL that PAP is enabled.
# If it is not you are allowing any body to establish a
# dial in PPP session with your FBSD box using any
# ID/password. There is no authentication being done on
# incoming PPP connections if PAP is not enabled. SECURITY WARNING
allow users * # allow all users who pass authentication access
accept dns # give dial in connection access to DNS lookup
# Each incoming sessions needs it own private non-routable
# IP address. The following assigns static private IP address to
# this dial in line and to the receiving FBSD host.
# 10.0.0.2 = Static IP address of this FBSD host
# 10.0.0.5 = Static IP address for this dial in line
set ifaddr 10.0.0.2 10.0.0.5 255.255.255.248
# The following is commented out and is here as a example.
# If I had 4 modems connected to this box, any mix of external
# or internal modems for dial in access and activated the
# appropriate ttyd statements in /etc/ttys file, this incoming
# ppp.conf section will work as is. The following set ifaddr
# command assigns dynamic IP address from
# a range of reserved IP address. 10.0.0.71 through 10.0.0.74.
# 10.0.0.1 is the private IP address assigned to this FBSD host.
# set ifaddr 10.0.0.1 10.0.0.71-10.0.0.74 255.255.255.0
########################### end of file ########################
Every user that will be using PPP dial in services must have an account created on this FBSD box using the adduser or pw commands and have their account ID and password added to the ppp.secret file to authorize them to login using this dial in service. When creating these users be sure to put them in the network group. Only the network group can use dial in services.
cp /usr/share/examples/ppp/ppp.secret.sample /etc/ppp/
The ppp.secret file has a heading and will look like this. Add your users like user jones & his password 777666
# Authname Authkey Peer's IP address Label Callback
You have to create a script to launch the user PPP session telling it to read the incoming section. The program ppp belongs to the group network, so you have to change the file ppplogin's group to network and its permissions to read/write for the owner, read/execute for group, and none for everyone else.
cd /etc/ppp # change into directory
ee ppplogin # create new file & enter the following 2 lines
exec /usr/sbin/ppp -direct incoming
Now you have to set the group this new file belongs to and its permissions:
chgrp network ppplogin # assign file ppplogin to network group
chmod 650 ppplogin # set file permissions
A parameter has to be added to the gettytab default section for automatic PPP recognition by specifying the pp capability. It points to the script we want launched. Add pp=/etc/ppp/ppplogin. Make the default look just like this:
:cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
Now you have to activate a tty serial terminal device in the /etc/ttys file to monitor the com port that the inbound modem is connected to. Com1 equates to ttyd0, com2 equates ttyd1, com3 equates ttyd2 and com4 equates ttyd3. You activate the serial terminal monitor ttyd device by changing the keyword off to on.
I have listed the whole group of serial terminals ttyd statements here so you can better find them in the /etc/ttys file.
# name getty type status comments
# Serial terminals
# The 'dialup' keyword identifies dial in lines to login.
ttyd0 "/usr/libexec/getty std.9600" dialup off secure
ttyd1 "/usr/libexec/getty std.9600" dialup off secure
ttyd2 "/usr/libexec/getty std.9600" dialup off secure
ttyd3 "/usr/libexec/getty std.9600" dialup off secure
As you can see this file has not been updated to reflect the serial port baud rate of the modern modems currently on the market. These statements are configured for 9600 baud legacy modems which have not been manufactured in 10 years. The serial port baud rate is the speed that the serial port controller talks to the modem hardware. It’s not the speed the modem connects to the remote modem.
Change all the std.9600 to std.115200 which is the serial port baud rate for 56K modems.
For a PCI modem you have to replicate the ttyd3 line and name it ttyd4 for com5. Remember that when the boot probe process finds a PCI modem it moves it to sio4 which is com5, which has a device name of cuaa4.
In our example of user PPP configuration for incoming calls we are using a PCI 56k modem. You have to create the ttyd4 statement and change the off to on to enable it.
ttyd0 "/usr/libexec/getty std.115200" dialup off secure
ttyd1 "/usr/libexec/getty std.115200" dialup off secure
ttyd2 "/usr/libexec/getty std.115200" dialup off secure
ttyd3 "/usr/libexec/getty std.115200" dialup off secure
ttyd4 "/usr/libexec/getty std.115200" dialup on secure
Reboot to enable your changes, you will see the ttyd4 serial terminal device you enabled above in the active task list using the ps ax command.
If you want the dial in user to have access to the public Internet you have to add a additional options statements to rc.conf file. Your FBSD system will have to become a gateway.
ALL external and internal PCI voice modems since they were first developed have been manufactured to comply to the Hayes standard. When you turn on your modem or reset it, your modem loads the ‘active configuration profile’ into non-volatile memory (NVRAM). The active configuration profile is a group of configuration settings, derived from the values of the modem’s internal S registers, that define how the modem will operate. The active configuration profile can be either the factory default, or one of two user defined profiles. The first time your modem is turned on, the factory default profile is loaded into the ‘active profile' in non-volatile memory (NVRAM). The factory default profile is stored in the modem’s read-only memory (ROM) and cannot be changed. The factory default profile contains standard settings which allow the majority of users to use their modem without ever knowing about the Hayes standard. Modems are not factory configured to answer incoming calls by default, so you will have to manually create your own user profile, enable auto answer on first ring, save it to one of the user profiles in NVRAM, and tell the modem to use it as the default profile on power up and reset.
Use the 'tip' command to send Hayes commands to permanently configure the modem to answer incoming calls.
Note: The Hayes modem commands are capital letters and the '0' is a zero.
On the command line enter
tip comX # where X is the com port your modem is on.
AT&F0 # load the factory default profile0 into current profile.
ATS0=1 # tell current profile to answer on first ring.
AT # Enter AT command 10 times to train modem to 115200 speed
AT&W0 # write current profile to saved user profile0.
AT&Y0 # tell modem to load user profile0 as default on power up.
Use the keyboard ~ key followed by the . key to exit tip.
The serial terminal device ttyd4 is listening on the com port waiting for the PCI modem to answer an incoming call. After the modem answers an incoming call the ttyd4 device recognizes that fact and launches the script ppplogin that was specified by the gettytab pp= option. The ppplogin script issues the embedded command to execute the ppp program using the ppp.conf incoming section to authenticate the caller's ID and password in the ppp.secret file. After a successful login the remote caller can use their web browser to access the public Internet or use telnet to login to their FBSD system account for access to your FBSD system.
To test you need 3 phone lines. One for the FBSD dial out to your ISP, one for your dial in modem and one for a second PC to dial out on to call the FBSD dial in modem. I used a MS/Windows PC to call into the FBSD box. Just make a new dialer from MS/Windows dial-up networking, giving it the phone number of the FBSD dial in modem and use a user ID and password that you have created an account for and added to ppp.secret. After the MS/Windows dialer logs in, you can use telnet to test the connection. You will have to use 10.0.0.2 as the host name to point to your FBSD system if you used the IP address in the above example.
To do this in WIN 95, 98, or ME, click on 'Start', then 'run', type in C:\WINDOWS\command.com and then hit enter. This will open a native DOS window. WINXP has a menu option in ‘accessories’ for the native DOS prompt. There you type in telnet 10.0.0.2 and press enter. Respond with the user ID and password to get access. Type in 'exit' to terminate the telnet session. This test verifies you have dial in connectivity into your FBSD dial in system. You should be able the use your MS/Windows Internet browser to access the public Internet through your FBSD gateway system.
This FreeBSD Installer Guide is an public domain HOW-TO. This content may be reproduced, in any form or by any means, and used by all without permission in writing from the author.