[pptp-server] RE: [SLUG] PPPD and C source -Tracking that Ext ernal IP....

George Vieira GeorgeV at citadelcomputer.com.au
Tue Jan 15 22:50:33 CST 2002


As much as this works for you it won't for me as I have more than one client
connecting.. your code can stuff up if you get 2 clients connecting almost
at the same time.. may never happen but it can happen..

The code I'm currently using and have posted (archives) before works well
which uses the PID of the PPPD running and then searches the parent who
called it which with a ps -ef it'll come up with the client IP there... this
works no matter how many people connect at the same time..

I was hoping to patch PPTPD to make it handle it alot better than bash
scripts.... that's all.. it's been 10 years since  coded C++ and I'm not
game enough to try it..


> -----Original Message-----
> From:	Jerry Vonau [SMTP:jvonau at home.com]
> Sent:	Wednesday, January 16, 2002 3:25 PM
> To:	George Vieira; pptp-server at lists.schulte.org
> Subject:	Re: [pptp-server] RE: [SLUG] PPPD and C source -Tracking
> that External  IP....
> 
> George:
> 
> I found this little hack to work for me.
> 
> Try in /etc/ppp/ip-up.local:
> 
> sleep 1
> EXTIP= tail /var/log/messages | grep Client | awk '{ print
> $8}' 
> echo $EXTIP > /var/run/$1.idip
> 
> In /ip-down.local:
> 
> rm /var/run/pptpd/$1.idip  
> 
> Should give you the ipaddress in a file /var/run/ppp?.idip 
> The $8 controls which part of the string to view,
> might need to be adjusted. The EXTIP can then be used 
> elsewhere in the script.
> 
> 
> if [ $EXTIP='xxx.xxx.xxx.xxx' ]; then
> /sbin/route add -net 10.4.0.0 netmask 255.255.255.0 dev $1
> 
> fi                                                          
> 
> or maybe: 
> 
> case $EXTIP in
> xxx.xxx.xxx.xxx)
> /sbin/route add -net 10.4.0.0 netmask 255.255.255.0 dev $1
>  ...
> ;;
> 
> yyy.yyy.yyy.yyy)
> /sbin/route add -net 10.5.0.0 netmask 255.255.255.0 dev $1
>  ...
> ;;
> 
> esac
> 
> 
> should setup the routes... 
> 
> Hope it helps....
> 
> Jerry Vonau
> 
> 
> 
> 
> George Vieira wrote:
> > 
> > I've done a little more research and found that there is no link between
> > PPTP and PPPD which is traceable.. The only thing I can now think of is
> to
> > make PPTP to pass the ipparam parameter to PPPD then it can be tracked
> > back..eg.
> > 
> > 1) VPN client connects from address 141.x.x.x
> > 2) PPTPD accepts the connection
> > 3) PPTPD creates a /var/run/pptpd-link0 and stores the external IP into
> it
> >      (more client connections become -link1, -link2, etc)
> > 4) PPTPD forks PPPD using: pppd blah blah blah ipparam ${ipparam}-link0
> >      (Note: Incase the user already uses ipparam it is passed and
> "-link0"
> > is added to it.ie. mypptp-link0)
> > 5) PPPD starts up and uses the ipparam passed by PPTP and possibly
> anything
> > else the user sent ( ${ipparam} ).
> > 
> > PPPD ip-up.local can then determine from the ipparam parameter what the
> IP
> > address is from the file containing the true IP address of the client
> > (/var/run/pptp-link0) ...
> > 
> > #  ip-up.local  (example)
> > 
> > #!/bin/sh
> > LINK=`echo "$6" | cut -f 2 -d "-"`
> > REALIP=`cat /var/run/pptpd-$LINK`
> > 
> > This sounds like it'll work without modifying the PPPD source code but
> has
> > created alot more tweaking on the PPTPD source side... Worst thing is I
> have
> > not coded C in 10 years and it's changed alot to me..
> > 
> > Now for the hard part......
> > 
> > thanks,
> > George Vieira
> > Systems Manager
> > Citadel Computer Systems P/L
> > http://www.citadelcomputer.com.au
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --



More information about the pptp-server mailing list