diff --git a/Manuals/Tcpi-ug/Configurations/Dialup.docbook b/Manuals/Tcpi-ug/Configurations/Dialup.docbook new file mode 100644 index 0000000..3df9460 --- /dev/null +++ b/Manuals/Tcpi-ug/Configurations/Dialup.docbook @@ -0,0 +1,10 @@ + + + IP Through Telephone Line + + &configurations-dialup-intro; + &configurations-dialup-modem; + &configurations-dialup-server; + &configurations-dialup-client; + + diff --git a/Manuals/Tcpi-ug/Configurations/Dialup/client.docbook b/Manuals/Tcpi-ug/Configurations/Dialup/client.docbook new file mode 100644 index 0000000..866a65e --- /dev/null +++ b/Manuals/Tcpi-ug/Configurations/Dialup/client.docbook @@ -0,0 +1,35 @@ + + + The Client Computer + + + In order for you to reach the web interface that let you get + registered into the ISP, you need to configure a + point-to-point connection in your workstation using the + following information: + + + + + ISP Name: projects.centos.org + + + + + ISP Phone: +53 043 515094 + + + + + Username: ppp-client + + + + + Password: isp4everyone + + + + + + diff --git a/Manuals/Tcpi-ug/Configurations/Dialup/intro.docbook b/Manuals/Tcpi-ug/Configurations/Dialup/intro.docbook new file mode 100644 index 0000000..6c3a7b8 --- /dev/null +++ b/Manuals/Tcpi-ug/Configurations/Dialup/intro.docbook 
@@ -0,0 +1,211 @@ + + + Introduction + + + This chapter describes two computers configuration, one acting + as server and other as client. The server computer will be + configured to provide internet services and the client to make + use of internet services provided by the server computer. The + connection medium both client and server computer use is the + telelphone line (i.e., the same medium you use to realize + phone calls). In this configuration, both client and server + computers use special devices named Modems to + transmit data in form of sound across the telephone line. The + configuration described in this chapter could be a good choise + when the only communication medium you have access to is the + telephone system. + + + + Even this configuration tries to reduce the lack of + communication, there are limitations around it that we cannot + take off, yet. The following list shows what these limitations + are: + + + + + + Only one connection (of 15 minutes) is possible at a time. + + + + + More than 3 consecutive connections from the same phone number + in a time range of 60 minutes means that that number is + attacking the ISP to provoke a Denying of + Service (DoS) attacks. In such cases, the phone number + originating the phone call will be denyed from realizing + further phone calls onto the ISP in the next 15 minutes. If + after 15 mintes, 3 new consecutive connections are detected + from the same phone number than before, the delay time will be + duplicated on each consecutive interval (e.g., 15*1 for the + first time, 15*2 for the second time, 15*3 for the third time, + and so on). + + + + + In order to achieve an acceptable degree of efficiency when + controlling consecutive connections from the same phone + number, it is required that both the client's phone number and + connection time be registered somehow in the server (e.g., Is + it on pppd's log file?). 
Without such information it would be + very difficult to achieve any prevention against DoS attacks + originated from incoming calls. + + + + + + + The ISP is isolated from Internet, so it is not possible to + provide Internet access through the ISP. For example, don't + ever think you will be able to send international e-mail to + Gmail or Yahoo, nor visit web sites like Google or Wikipedia. + I really would like to provide such accesses, but without a + link to Internet I don't have where to send your requests. + + + + + The information generated inside the ISP is jailed to it. This + way, it will be available to people registered inside the ISP + only (e.g., through the web interface). + + + + + The implementation of services that required persistent + connections (e.g., chats) will not + be considered as a practical offer. Instead, only + asynchronous services (e.g., + e-mail) will be supported. This + restriction is required to reduce the connection effective + times. For example, consider an environment where you connect + the ISP to send/receive e-mails only and then quickly + disconnect from ISP to release the line for others to use. + There is no need for you to be connected at the same time + someone else sends you an e-mail, this in order for you to + receive it. E-mail messages sent to you will be available in + your mailbox the next time you establish a point-to-point + connection with the ISP and use your mail client to send and + receive new messages. Likewise, you don't need to be connected + to the ISP in order to write your e-mail messages. You can + write your messages off-line and then establish connection to + send it whe it be ready. + + + + + Your user profile will be automatically removed from the ISP + when no effective point-to-point connection be established by + you in a period greater than 7 days since the last effective + point-to-point connection you established to the ISP. 
When + your user profile is removed, you will need to get registered + again (i.e., create a new user profile) using the web + interface provided by the ISP. + + + + When a user receive messages, the user's e-mail client must be + configure to move the e-mail messages from server to client. + This is forced in the ISP computer by denying user's from + accessing the IMAP service. Only POP service will be + available. This restriction is required to save disk space on + ISP computer. + + + + + + I'm very sorry about these limitations, but this is the best I + can offer with one PC, one modem, and one single telephone + line. If you think this configuration can be improved somehow, + please send me an e-mail to + al@projects.centos.org. Notice that, in order + for you to be able to send e-mails to this address you need to + do it using the Mail Transfer Agent provided in the server + computer. I don't answer phone calls personally, the phone is + very busy answering point-to-point connections ;). + + + + + The projects.centos.org mentioned in + this chapter must not be confused with the real infrastructure + provided by &TCP; on Internet. The domain name mentioned in + this chapter is not available on Internet and was created to + illustrate the real infrastructure inside an isolated + environment. + + + + + In order for you to share information with others, it is + required that both you and the person you want to share + information with, have an e-mail address registered inside + ISP. This registration process is realized through a secured + web interface accessable through an encrypted connection. The + web interface provided should permit everyone to update or + delete their personal profiles. All actions realized through + this web interface must be simple enough to be achieved in + less than 15 minutes (the time you have before the + point-to-point connection be closed by the ISP). + + + + Inside the ISP, user information is stored inside an LDAP + server. 
The web application manipulates LDAP records and all + related files inside the operating system that make possible a + user to establish a point-to-point connection to the ISP, as + well as registering, updating or deleting its profile inside + the ISP. Care should be taken to prevent one user to + modify/delete profiles from other users. The user's profile + administration is individual to each user using the user's + identity as reference. The user's identity is determined by a + username (e.g., the e-mail address) and a password. The LDAP + server will be available for everyone to consult from their + mail clients. Inside the web application, verifications must + be included to avoid duplicated values, invalid characters and + similar stuff. + + + + Inside the ISP, all related subsystems (e.g., Postix, + Cyrus-Imapd and Saslauthd) must retrive user information from + LDAP server. Likewise, the mailbox administration must be + automated based on the users in the LDAP server. The web + application must be able to be aware of all files related + inside the infrastructure in a way that administration tasks + can be automated and presented friendly to end users (this + will required the web application to run some program that + needs root privileges =:-|). The whole process would be as + follows: + + + + + Establish a point-to-point connection to ISP, as described in + . + + + + + Register a new user profile through the web application + provided by the ISP. + + + + + Configure your workstation using the information provided as + result of a successful registration in order to start using + the services provided by the ISP you recently get registered + in. + + + + + diff --git a/Manuals/Tcpi-ug/Configurations/Dialup/modem.docbook b/Manuals/Tcpi-ug/Configurations/Dialup/modem.docbook new file mode 100644 index 0000000..6bb36a6 --- /dev/null +++ b/Manuals/Tcpi-ug/Configurations/Dialup/modem.docbook 
@@ -0,0 +1,286 @@ + + + The Modem Device + + + + Installation + + + The modem device installation consists on attacthing the modem + hardware both to the computer and the telephone line. To + connect the modem to your computer, you need to connect the + serial or USB cable that comes from the modem hardware to the + appropriate input on your computer. To connect the modem to + the telephone line system, you need to unplug the cable that + connects your phone device and plug it on the modem device, + specifically in the port reserved for data transmission. + Later, using a similar cable, you could connect your phone + device to the modem's phone port, so you be able of realizing + phone calls when no data transmition take place, as well. + + + + To be on the safe side, do all the installation with the + computer turned off. Then, when everthing has been put in + place, turn it on. Once the system is up, you can verify the + modem hardware using either the lsusb or + lspci commands. For example, if you are + using an USB modem like that one we mentioned before, run the + following command: + + + sudo /sbin/lsusb + + + and you should get an output similar to the following: + + + +Bus 003 Device 001: ID 0000:0000 +Bus 001 Device 001: ID 0000:0000 +Bus 001 Device 002: ID 058f:6366 Alcor Micro Corp. Multi Flash Reader +Bus 002 Device 001: ID 0000:0000 +Bus 005 Device 003: ID 06e0:f104 Multi-Tech Systems, Inc. +MT5634ZBA-USB MultiModemUSB (new firmware) +Bus 005 Device 001: ID 0000:0000 +Bus 005 Device 002: ID 046d:c018 Logitech, Inc. Optical Wheel Mouse +Bus 004 Device 001: ID 0000:0000 + + + + The relevant line here is that mentioning the existence of a + Multi-Tech System, Inc. MT5634ZBA-USB MultiModemUSB (new + firmware) device. + + + + At this point, your computer should be able of responding to + incoming calls but cannot realize outgoing calls, yet. To + administer the way incoming calls are attended in this + computer, read . 
On the other hand, to realize outgoing calls from this + computer, you need to specify the server information you want + to establish connection to, as described in . + + + + + + Configuration + + + Once the modem hardware has been installed in the computer, it + is necessary to determine what device location the operating + system assigned to it, so applications like + chat be able to know which device + to talk to. This configuration process can be realized + through the wvdialconf command, distributed + with the wvdial package. + + + + Another way to configure modems installed in your computer is + through the graphical interface provided by + system-config-network command. This + interface may result specially useful when you need to + configure your computer to establish Modem connections to + remote Internet Service Providers (ISPs). The interface + provided by system-config-network command + uses the same configuration file that + wvdialconf command does (e.g., + /etc/wvdial.conf), however, there are + some differences in the way these commands create + configuration files that we need to be aware of. + + + + This section describes how you could use the + wvdialconf and + system-config-network commands to configure + the modem installed in your computer, as well as possible + issues you might face if these two commands are arbitrarily + combined one another. + + + + The <command>wvdialconf</command> Command + + + The wvdialconf automatically detects the + location the operating system assigned to your modem, its + maximum baud rate, a good initialization string for it, and + generates/updates the wvdial configuration + file (/etc/wvdial.conf) the + wvdial command needs to work. To set the + modem configuration through wvdialconf + command, run the command as follows: + + + sudo /usr/bin/wvdialconf /etc/wvdial.conf + + + This command will produce an output like the following: + + + +Scanning your serial ports for a modem. 
+ +ttyS0<*1>: ATQ0 V1 E1 -- failed with 2400 baud, next try: 9600 baud +ttyS0<*1>: ATQ0 V1 E1 -- failed with 9600 baud, next try: 115200 baud +ttyS0<*1>: ATQ0 V1 E1 -- and failed too at 115200, giving up. +Port Scan<*1>: S1 S2 S3 +WvModem<*1>: Cannot get information for serial port. +ttyACM0<*1>: ATQ0 V1 E1 -- OK +ttyACM0<*1>: ATQ0 V1 E1 Z -- OK +ttyACM0<*1>: ATQ0 V1 E1 S0=0 -- OK +ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 -- OK +ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 -- OK +ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK +ttyACM0<*1>: Modem Identifier: ATI -- LT V.90 1.0 MT5634ZBA-USB +Data/Fax Modem (Dual Config) Version 5.18e +ttyACM0<*1>: Speed 4800: AT -- OK +ttyACM0<*1>: Speed 9600: AT -- OK +ttyACM0<*1>: Speed 19200: AT -- OK +ttyACM0<*1>: Speed 38400: AT -- OK +ttyACM0<*1>: Speed 57600: AT -- OK +ttyACM0<*1>: Speed 115200: AT -- OK +ttyACM0<*1>: Speed 230400: AT -- OK +ttyACM0<*1>: Speed 460800: AT -- OK +ttyACM0<*1>: Max speed is 460800; that should be safe. +ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK + +Found an USB modem on /dev/ttyACM0. +Modem configuration written to /etc/wvdial.conf. +ttyACM0<Info>: Speed 460800; init "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0" + + + + and a wvdial configuration file like the + following: + + + +[Dialer Defaults] +Modem = /dev/ttyACM0 +Baud = 460800 +Init1 = ATZ +Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 +ISDN = 0 +Modem Type = USB Modem +; Phone = <Target Phone Number> +; Username = <Your Login Name> +; Password = <Your Password> + + + + + It is possible to configure the same computer to act both as + server (i.e., to receive incoming calls from clients) and + client (i.e., to realize outgoing calls to servers). However, + be aware that only one of these connections can be established + at a time. + + + + + + + The <command>system-config-network</command> Command + + + The interface provided by + system-config-network command doesn't + detect the configuration intially created by + wvdialconf command. 
In fact, if you set a + new (modem) hardware configuration through it, any + configuration previously created by + wvdailconf command will be lost. On the + other hand, if you firstly generate the configuration file + using the interface provided by + system-config-network command and later run + the wvdialconf command over it, you will + end up having two similar configuration settings under + different definitions stored in the same configuration file. + + + + + The wvdial command doesn't understand the + configuration file produced by + system-config-network command, even both + wvdialconf and + system-config-network commands use the same + configuration syntax to create the configuration file. + + + + + Inside the /etc/wvdial.conf configuration + file, the interface provided by + system-config-network identifies default + modem configurations through the [Modem0] line, + while the wvdialconf command does the same + through the [Dialer Defaults] line. Something + interesting about the configuration file created by + system-config-network is that it is + possible to create several ISP configurations that reuse + default settings in the [Modem0] section. For + example, consider the following example: + + + +[Modem0] +Modem = /dev/ttyACM0 +Baud = 460800 +SetVolume = 2 +Dial Command = ATDT +Init1 = ATZ +Init3 = ATM1L2 +FlowControl = CRTSCTS +[Dialer Vispa_Internet] +Username = signup +Password = rebel +Phone = 08453080125 +Stupid Mode = 1 +Init1 = ATZ +Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 +Inherits = Modem0 + + + + + The interface provided by + system-config-network command doesn't + provide modem detection (as wvdialconf + command would do) and uses the /dev/modem + as default location. This location doesn't exists by default, + so whatever configuration you set from it will not work. 
To + solve this issue, chose one of the following workarounds: + + + + + Replace the /dev/modem location by that + one wvdialconf found when the interface + provided by system-config-network ask you + to enter the modem device. + + + + + Create /dev/modem location as a symbolic + link to that location found by wvdialconf + command. For example: + sudo /bin/ln -s /dev/ttyACM0 /dev/modem + + + + + + + + + + diff --git a/Manuals/Tcpi-ug/Configurations/Dialup/server.docbook b/Manuals/Tcpi-ug/Configurations/Dialup/server.docbook new file mode 100644 index 0000000..b54b202 --- /dev/null +++ b/Manuals/Tcpi-ug/Configurations/Dialup/server.docbook 
@@ -0,0 +1,179 @@ + + + The Server Computer + + + Installation + + + Start with a minimal installation of &TCD;, bootup the + operating system, and login as root user. Later, install the + Dialup Networking Support group of packages + available in the [base] repository of &TCD;. The + installation of this group of packages is required both in + server and client computers. If you don't have this group of + packages installed in your computer, then you can do it as the + following command describes: + + + yum groupinstall "Dialup Networking Support" + + + Other packages might be required based on whether you are + configuring the computer to be a server or a client. The + implementation described in this chapter considers both a + server and client configuration so you can pick up the one + fitting your case. + + + + Name Server + + The name server provides the software required to translate + domain names into IP address and IP addresses into domain + names. With this software you can rembember addresses like + instead of addresses like + . There are other + feautres (e.g., mail exchanger resolution, zone delegation, + etc.) provided by this software that aren't used in the + point-to-point configuration we describe in this chapter. + + + To install this software, run the following command: + + yum install bind + + + There is a bind-chroot packages, however, + we aren't using it because SELinux is already enforced on the + &TCD; filesystem and it provides far more security than the + idea of bind-chroot package itself does. + + + + + + Mail Server + + The mail server provides the software required to let you + send/receive e-mail messages to/from others. The mail server + is splitted in three basic components: The Mail Transfer Agent + (postfix), The Mail Delivery Agent + (Cyrus-Imapd) and an intermediary daemon + named saslauthd to + handle users' authentication. The mail transfer agent is the + program your e-mail client sends e-mail messages to. 
The mail + delivery agent, on the other hand, is the program your e-mail + client reads e-mail message from (i.e., this is the place + where your mailbox is stored in). The authentication daemon + is used by the mail delivery agent to authenticate user's + credentials (e.g., the information that let you access an + specific mailbox). + + + + To install this software, run the following command: + + + yum install postfix cyrus-imapd cyrus-sasl + + + By default, the sendmail + program is used as mail transfer agent, not postfix. For the + sake of that point-to-point configuration we are implementing, + I decided to use postfix instead as default mail transfer + agent, not sendmail. To effectively achieve this decition, it + is required to use the alternatives + command, as it shown below: + + + alternatives --config mta + + + This command will present you a menu to chose between + available mail transfer agents, so it is there where you + choose to use posfix as default option. Now that you've + changed postfix the default mail transfer agent, you can + saftly remove the sendmail package to avoid unused software + to remain inside the computer. To do this, you can run the + following command: + + + yum remove sendmail + + + In addition to mail server specific packages, we also provide + mailing list support. Mailing lists provide e-mail addresses + that users registered inside the ISP can write to. When you + sed an e-mail to a mailing list, your message is distributed to + all members of that list. In order for this to happen, people + registered inside ISP need to subscribe themselves into that + mailing list they want to receive messages from. 
The + subscription of mailinglist will be available through a secured + web application in the following url: + + + + + + + + + + + + To install the mailing list software, run the following + command: + + + yum install mailman + + + + Web Server + + The web server provides the software required to support web + interfaces like those one previously mention to register new + users inside the ISP and subscribe mailing lists. The web + server provided in this configuration will accept requests + both unencrypted and encrypted. + + + yum install httpd mod_ssl crypto-utils + + + In addition to mailing lists support, the web server will + provide access to Subversion. Subvesion provides a way to + manage files through version control. The main purpose of + providing Subversion support here is sharing the version of + &TCAR; I've been working on. To install Subversion software, + run the following command: + + yum install subversion mod_dav_svn + + + + + Directory Server + + The directory server provides the software required to unify + user information. This server is access by other server + whenever user information is required. You, as end user, can + also use this server from your workstation to retrive a list + of all users registered in the ISP. This list can be retrived + by the web interface the ISP provides, or any application your + workstation provide (e.g., most e-mail clients provide a way + to configure LDAP servers to build address book from it.). + + + + To install the directory server sofware, run the following + command: + + + yum openldap-servers python-ldap + + + + + diff --git a/Manuals/Tcpi-ug/Configurations/Ppp/client.docbook b/Manuals/Tcpi-ug/Configurations/Ppp/client.docbook deleted file mode 100644 index 866a65e..0000000 --- a/Manuals/Tcpi-ug/Configurations/Ppp/client.docbook +++ /dev/null 
@@ -1,35 +0,0 @@ - - - The Client Computer - - - In order for you to reach the web interface that let you get - registered into the ISP, you need to configure a - point-to-point connection in your workstation using the - following information: - - - - - ISP Name: projects.centos.org - - - - - ISP Phone: +53 043 515094 - - - - - Username: ppp-client - - - - - Password: isp4everyone - - - - - - diff --git a/Manuals/Tcpi-ug/Configurations/Ppp/intro.docbook b/Manuals/Tcpi-ug/Configurations/Ppp/intro.docbook deleted file mode 100644 index 6c3a7b8..0000000 --- a/Manuals/Tcpi-ug/Configurations/Ppp/intro.docbook +++ /dev/null 
@@ -1,211 +0,0 @@ - - - Introduction - - - This chapter describes two computers configuration, one acting - as server and other as client. The server computer will be - configured to provide internet services and the client to make - use of internet services provided by the server computer. The - connection medium both client and server computer use is the - telelphone line (i.e., the same medium you use to realize - phone calls). In this configuration, both client and server - computers use special devices named Modems to - transmit data in form of sound across the telephone line. The - configuration described in this chapter could be a good choise - when the only communication medium you have access to is the - telephone system. - - - - Even this configuration tries to reduce the lack of - communication, there are limitations around it that we cannot - take off, yet. The following list shows what these limitations - are: - - - - - - Only one connection (of 15 minutes) is possible at a time. - - - - - More than 3 consecutive connections from the same phone number - in a time range of 60 minutes means that that number is - attacking the ISP to provoke a Denying of - Service (DoS) attacks. In such cases, the phone number - originating the phone call will be denyed from realizing - further phone calls onto the ISP in the next 15 minutes. If - after 15 mintes, 3 new consecutive connections are detected - from the same phone number than before, the delay time will be - duplicated on each consecutive interval (e.g., 15*1 for the - first time, 15*2 for the second time, 15*3 for the third time, - and so on). - - - - - In order to achieve an acceptable degree of efficiency when - controlling consecutive connections from the same phone - number, it is required that both the client's phone number and - connection time be registered somehow in the server (e.g., Is - it on pppd's log file?). 
Without such information it would be - very difficult to achieve any prevention against DoS attacks - originated from incoming calls. - - - - - - - The ISP is isolated from Internet, so it is not possible to - provide Internet access through the ISP. For example, don't - ever think you will be able to send international e-mail to - Gmail or Yahoo, nor visit web sites like Google or Wikipedia. - I really would like to provide such accesses, but without a - link to Internet I don't have where to send your requests. - - - - - The information generated inside the ISP is jailed to it. This - way, it will be available to people registered inside the ISP - only (e.g., through the web interface). - - - - - The implementation of services that required persistent - connections (e.g., chats) will not - be considered as a practical offer. Instead, only - asynchronous services (e.g., - e-mail) will be supported. This - restriction is required to reduce the connection effective - times. For example, consider an environment where you connect - the ISP to send/receive e-mails only and then quickly - disconnect from ISP to release the line for others to use. - There is no need for you to be connected at the same time - someone else sends you an e-mail, this in order for you to - receive it. E-mail messages sent to you will be available in - your mailbox the next time you establish a point-to-point - connection with the ISP and use your mail client to send and - receive new messages. Likewise, you don't need to be connected - to the ISP in order to write your e-mail messages. You can - write your messages off-line and then establish connection to - send it whe it be ready. - - - - - Your user profile will be automatically removed from the ISP - when no effective point-to-point connection be established by - you in a period greater than 7 days since the last effective - point-to-point connection you established to the ISP. 
When - your user profile is removed, you will need to get registered - again (i.e., create a new user profile) using the web - interface provided by the ISP. - - - - When a user receive messages, the user's e-mail client must be - configure to move the e-mail messages from server to client. - This is forced in the ISP computer by denying user's from - accessing the IMAP service. Only POP service will be - available. This restriction is required to save disk space on - ISP computer. - - - - - - I'm very sorry about these limitations, but this is the best I - can offer with one PC, one modem, and one single telephone - line. If you think this configuration can be improved somehow, - please send me an e-mail to - al@projects.centos.org. Notice that, in order - for you to be able to send e-mails to this address you need to - do it using the Mail Transfer Agent provided in the server - computer. I don't answer phone calls personally, the phone is - very busy answering point-to-point connections ;). - - - - - The projects.centos.org mentioned in - this chapter must not be confused with the real infrastructure - provided by &TCP; on Internet. The domain name mentioned in - this chapter is not available on Internet and was created to - illustrate the real infrastructure inside an isolated - environment. - - - - - In order for you to share information with others, it is - required that both you and the person you want to share - information with, have an e-mail address registered inside - ISP. This registration process is realized through a secured - web interface accessable through an encrypted connection. The - web interface provided should permit everyone to update or - delete their personal profiles. All actions realized through - this web interface must be simple enough to be achieved in - less than 15 minutes (the time you have before the - point-to-point connection be closed by the ISP). - - - - Inside the ISP, user information is stored inside an LDAP - server. 
The web application manipulates LDAP records and all - related files inside the operating system that make possible a - user to establish a point-to-point connection to the ISP, as - well as registering, updating or deleting its profile inside - the ISP. Care should be taken to prevent one user to - modify/delete profiles from other users. The user's profile - administration is individual to each user using the user's - identity as reference. The user's identity is determined by a - username (e.g., the e-mail address) and a password. The LDAP - server will be available for everyone to consult from their - mail clients. Inside the web application, verifications must - be included to avoid duplicated values, invalid characters and - similar stuff. - - - - Inside the ISP, all related subsystems (e.g., Postix, - Cyrus-Imapd and Saslauthd) must retrive user information from - LDAP server. Likewise, the mailbox administration must be - automated based on the users in the LDAP server. The web - application must be able to be aware of all files related - inside the infrastructure in a way that administration tasks - can be automated and presented friendly to end users (this - will required the web application to run some program that - needs root privileges =:-|). The whole process would be as - follows: - - - - - Establish a point-to-point connection to ISP, as described in - . - - - - - Register a new user profile through the web application - provided by the ISP. - - - - - Configure your workstation using the information provided as - result of a successful registration in order to start using - the services provided by the ISP you recently get registered - in. - - - - - diff --git a/Manuals/Tcpi-ug/Configurations/Ppp/modem.docbook b/Manuals/Tcpi-ug/Configurations/Ppp/modem.docbook deleted file mode 100644 index 6bb36a6..0000000 --- a/Manuals/Tcpi-ug/Configurations/Ppp/modem.docbook +++ /dev/null 
@@ -1,286 +0,0 @@ - - - The Modem Device - - - - Installation - - - The modem device installation consists on attacthing the modem - hardware both to the computer and the telephone line. To - connect the modem to your computer, you need to connect the - serial or USB cable that comes from the modem hardware to the - appropriate input on your computer. To connect the modem to - the telephone line system, you need to unplug the cable that - connects your phone device and plug it on the modem device, - specifically in the port reserved for data transmission. - Later, using a similar cable, you could connect your phone - device to the modem's phone port, so you be able of realizing - phone calls when no data transmition take place, as well. - - - - To be on the safe side, do all the installation with the - computer turned off. Then, when everthing has been put in - place, turn it on. Once the system is up, you can verify the - modem hardware using either the lsusb or - lspci commands. For example, if you are - using an USB modem like that one we mentioned before, run the - following command: - - - sudo /sbin/lsusb - - - and you should get an output similar to the following: - - - -Bus 003 Device 001: ID 0000:0000 -Bus 001 Device 001: ID 0000:0000 -Bus 001 Device 002: ID 058f:6366 Alcor Micro Corp. Multi Flash Reader -Bus 002 Device 001: ID 0000:0000 -Bus 005 Device 003: ID 06e0:f104 Multi-Tech Systems, Inc. -MT5634ZBA-USB MultiModemUSB (new firmware) -Bus 005 Device 001: ID 0000:0000 -Bus 005 Device 002: ID 046d:c018 Logitech, Inc. Optical Wheel Mouse -Bus 004 Device 001: ID 0000:0000 - - - - The relevant line here is that mentioning the existence of a - Multi-Tech System, Inc. MT5634ZBA-USB MultiModemUSB (new - firmware) device. - - - - At this point, your computer should be able of responding to - incoming calls but cannot realize outgoing calls, yet. To - administer the way incoming calls are attended in this - computer, read . 
On the other hand, to realize outgoing calls from this - computer, you need to specify the server information you want - to establish connection to, as described in . - - - - - - Configuration - - - Once the modem hardware has been installed in the computer, it - is necessary to determine what device location the operating - system assigned to it, so applications like - chat be able to know which device - to talk to. This configuration process can be realized - through the wvdialconf command, distributed - with the wvdial package. - - - - Another way to configure modems installed in your computer is - through the graphical interface provided by - system-config-network command. This - interface may result specially useful when you need to - configure your computer to establish Modem connections to - remote Internet Service Providers (ISPs). The interface - provided by system-config-network command - uses the same configuration file that - wvdialconf command does (e.g., - /etc/wvdial.conf), however, there are - some differences in the way these commands create - configuration files that we need to be aware of. - - - - This section describes how you could use the - wvdialconf and - system-config-network commands to configure - the modem installed in your computer, as well as possible - issues you might face if these two commands are arbitrarily - combined one another. - - - - The <command>wvdialconf</command> Command - - - The wvdialconf automatically detects the - location the operating system assigned to your modem, its - maximum baud rate, a good initialization string for it, and - generates/updates the wvdial configuration - file (/etc/wvdial.conf) the - wvdial command needs to work. To set the - modem configuration through wvdialconf - command, run the command as follows: - - - sudo /usr/bin/wvdialconf /etc/wvdial.conf - - - This command will produce an output like the following: - - - -Scanning your serial ports for a modem. 
- -ttyS0<*1>: ATQ0 V1 E1 -- failed with 2400 baud, next try: 9600 baud -ttyS0<*1>: ATQ0 V1 E1 -- failed with 9600 baud, next try: 115200 baud -ttyS0<*1>: ATQ0 V1 E1 -- and failed too at 115200, giving up. -Port Scan<*1>: S1 S2 S3 -WvModem<*1>: Cannot get information for serial port. -ttyACM0<*1>: ATQ0 V1 E1 -- OK -ttyACM0<*1>: ATQ0 V1 E1 Z -- OK -ttyACM0<*1>: ATQ0 V1 E1 S0=0 -- OK -ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 -- OK -ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 -- OK -ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK -ttyACM0<*1>: Modem Identifier: ATI -- LT V.90 1.0 MT5634ZBA-USB -Data/Fax Modem (Dual Config) Version 5.18e -ttyACM0<*1>: Speed 4800: AT -- OK -ttyACM0<*1>: Speed 9600: AT -- OK -ttyACM0<*1>: Speed 19200: AT -- OK -ttyACM0<*1>: Speed 38400: AT -- OK -ttyACM0<*1>: Speed 57600: AT -- OK -ttyACM0<*1>: Speed 115200: AT -- OK -ttyACM0<*1>: Speed 230400: AT -- OK -ttyACM0<*1>: Speed 460800: AT -- OK -ttyACM0<*1>: Max speed is 460800; that should be safe. -ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK - -Found an USB modem on /dev/ttyACM0. -Modem configuration written to /etc/wvdial.conf. -ttyACM0<Info>: Speed 460800; init "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0" - - - - and a wvdial configuration file like the - following: - - - -[Dialer Defaults] -Modem = /dev/ttyACM0 -Baud = 460800 -Init1 = ATZ -Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -ISDN = 0 -Modem Type = USB Modem -; Phone = <Target Phone Number> -; Username = <Your Login Name> -; Password = <Your Password> - - - - - It is possible to configure the same computer to act both as - server (i.e., to receive incoming calls from clients) and - client (i.e., to realize outgoing calls to servers). However, - be aware that only one of these connections can be established - at a time. - - - - - - - The <command>system-config-network</command> Command - - - The interface provided by - system-config-network command doesn't - detect the configuration intially created by - wvdialconf command. 
In fact, if you set a - new (modem) hardware configuration through it, any - configuration previously created by - wvdailconf command will be lost. On the - other hand, if you firstly generate the configuration file - using the interface provided by - system-config-network command and later run - the wvdialconf command over it, you will - end up having two similar configuration settings under - different definitions stored in the same configuration file. - - - - - The wvdial command doesn't understand the - configuration file produced by - system-config-network command, even both - wvdialconf and - system-config-network commands use the same - configuration syntax to create the configuration file. - - - - - Inside the /etc/wvdial.conf configuration - file, the interface provided by - system-config-network identifies default - modem configurations through the [Modem0] line, - while the wvdialconf command does the same - through the [Dialer Defaults] line. Something - interesting about the configuration file created by - system-config-network is that it is - possible to create several ISP configurations that reuse - default settings in the [Modem0] section. For - example, consider the following example: - - - -[Modem0] -Modem = /dev/ttyACM0 -Baud = 460800 -SetVolume = 2 -Dial Command = ATDT -Init1 = ATZ -Init3 = ATM1L2 -FlowControl = CRTSCTS -[Dialer Vispa_Internet] -Username = signup -Password = rebel -Phone = 08453080125 -Stupid Mode = 1 -Init1 = ATZ -Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -Inherits = Modem0 - - - - - The interface provided by - system-config-network command doesn't - provide modem detection (as wvdialconf - command would do) and uses the /dev/modem - as default location. This location doesn't exists by default, - so whatever configuration you set from it will not work. 
To - solve this issue, chose one of the following workarounds: - - - - - Replace the /dev/modem location by that - one wvdialconf found when the interface - provided by system-config-network ask you - to enter the modem device. - - - - - Create /dev/modem location as a symbolic - link to that location found by wvdialconf - command. For example: - sudo /bin/ln -s /dev/ttyACM0 /dev/modem - - - - - - - - - - diff --git a/Manuals/Tcpi-ug/Configurations/Ppp/server.docbook b/Manuals/Tcpi-ug/Configurations/Ppp/server.docbook deleted file mode 100644 index b54b202..0000000 --- a/Manuals/Tcpi-ug/Configurations/Ppp/server.docbook +++ /dev/null 
@@ -1,179 +0,0 @@ - - - The Server Computer - - - Installation - - - Start with a minimal installation of &TCD;, bootup the - operating system, and login as root user. Later, install the - Dialup Networking Support group of packages - available in the [base] repository of &TCD;. The - installation of this group of packages is required both in - server and client computers. If you don't have this group of - packages installed in your computer, then you can do it as the - following command describes: - - - yum groupinstall "Dialup Networking Support" - - - Other packages might be required based on whether you are - configuring the computer to be a server or a client. The - implementation described in this chapter considers both a - server and client configuration so you can pick up the one - fitting your case. - - - - Name Server - - The name server provides the software required to translate - domain names into IP address and IP addresses into domain - names. With this software you can rembember addresses like - instead of addresses like - . There are other - feautres (e.g., mail exchanger resolution, zone delegation, - etc.) provided by this software that aren't used in the - point-to-point configuration we describe in this chapter. - - - To install this software, run the following command: - - yum install bind - - - There is a bind-chroot packages, however, - we aren't using it because SELinux is already enforced on the - &TCD; filesystem and it provides far more security than the - idea of bind-chroot package itself does. - - - - - - Mail Server - - The mail server provides the software required to let you - send/receive e-mail messages to/from others. The mail server - is splitted in three basic components: The Mail Transfer Agent - (postfix), The Mail Delivery Agent - (Cyrus-Imapd) and an intermediary daemon - named saslauthd to - handle users' authentication. The mail transfer agent is the - program your e-mail client sends e-mail messages to. 
The mail - delivery agent, on the other hand, is the program your e-mail - client reads e-mail message from (i.e., this is the place - where your mailbox is stored in). The authentication daemon - is used by the mail delivery agent to authenticate user's - credentials (e.g., the information that let you access an - specific mailbox). - - - - To install this software, run the following command: - - - yum install postfix cyrus-imapd cyrus-sasl - - - By default, the sendmail - program is used as mail transfer agent, not postfix. For the - sake of that point-to-point configuration we are implementing, - I decided to use postfix instead as default mail transfer - agent, not sendmail. To effectively achieve this decition, it - is required to use the alternatives - command, as it shown below: - - - alternatives --config mta - - - This command will present you a menu to chose between - available mail transfer agents, so it is there where you - choose to use posfix as default option. Now that you've - changed postfix the default mail transfer agent, you can - saftly remove the sendmail package to avoid unused software - to remain inside the computer. To do this, you can run the - following command: - - - yum remove sendmail - - - In addition to mail server specific packages, we also provide - mailing list support. Mailing lists provide e-mail addresses - that users registered inside the ISP can write to. When you - sed an e-mail to a mailing list, your message is distributed to - all members of that list. In order for this to happen, people - registered inside ISP need to subscribe themselves into that - mailing list they want to receive messages from. 
The - subscription of mailinglist will be available through a secured - web application in the following url: - - - - - - - - - - - - To install the mailing list software, run the following - command: - - - yum install mailman - - - - Web Server - - The web server provides the software required to support web - interfaces like those one previously mention to register new - users inside the ISP and subscribe mailing lists. The web - server provided in this configuration will accept requests - both unencrypted and encrypted. - - - yum install httpd mod_ssl crypto-utils - - - In addition to mailing lists support, the web server will - provide access to Subversion. Subvesion provides a way to - manage files through version control. The main purpose of - providing Subversion support here is sharing the version of - &TCAR; I've been working on. To install Subversion software, - run the following command: - - yum install subversion mod_dav_svn - - - - - Directory Server - - The directory server provides the software required to unify - user information. This server is access by other server - whenever user information is required. You, as end user, can - also use this server from your workstation to retrive a list - of all users registered in the ISP. This list can be retrived - by the web interface the ISP provides, or any application your - workstation provide (e.g., most e-mail clients provide a way - to configure LDAP servers to build address book from it.). - - - - To install the directory server sofware, run the following - command: - - - yum openldap-servers python-ldap - - - - -
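Review bot: in the hunk that precedes the modem.docbook diff, the paragraph ending "this will required the web application to run some program that needs root privileges" leaves the privilege boundary undefined, and the same hunk makes the LDAP server "available for everyone to consult". If this text is carried into the Dialup/ files this patch adds, it should state that the web application itself runs unprivileged and calls a small fixed-purpose helper with validated arguments (for example through a sudoers entry limited to that one command). It should also say which LDAP attributes an anonymous query may read, so that password attributes are excluded. The sentence "Care should be taken to prevent one user to modify/delete profiles from other users" would be stronger as a concrete requirement: every profile change is authorized against the authenticated user's own entry.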
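Review bot: in modem.docbook, the [Dialer Vispa_Internet] sample carries what look like live values (`Username = signup`, `Password = rebel`, `Phone = 08453080125`); any copy of this example kept in the Dialup/ chapter should use the placeholder form the [Dialer Defaults] sample already uses (`<Your Login Name>`, `<Your Password>`, `<Target Phone Number>`). Because /etc/wvdial.conf holds the password in clear text, a sentence on keeping that file readable only by root would fit next to the sample. Two smaller points in the same hunk: `wvdailconf` is misspelled in the system-config-network section, and the `sudo /bin/ln -s /dev/ttyACM0 /dev/modem` workaround does not survive a reboot on a udev-managed /dev, so a udev rule that creates the link is the more durable suggestion.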
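Review bot: in server.docbook, the last command of the Directory Server section, `yum openldap-servers python-ldap`, is missing the `install` subcommand and will fail as written; it should read `yum install openldap-servers python-ldap` wherever this section ends up. In the Web Server section, "will accept requests both unencrypted and encrypted" conflicts with the earlier description of the subscription page as a "secured web application": since registration and mailing list subscription submit usernames and passwords, the text should say those pages are served over HTTPS only, with plain HTTP redirected. The bind-chroot paragraph presents SELinux and chroot as alternatives; they can be combined, so the justification for skipping bind-chroot could be worded as a choice rather than as SELinux making it unnecessary.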