Chapter 6

Connecting to the World - and Then What?

In this chapter we show how to establish connections to remote networks: Wide Area Networks (WANs) and the Internet. We also explain how to set up services that use these connections.

There are two communications protocol standards known in the UNIX world, UUCP and TCP/IP (via modem or ISDN). While UUCP (Unix to Unix Copy) is mainly designed for transporting mail and news, TCP/IP provides a real network connection which supplies all services to a LAN.

If TCP/IP is used with a modem connection, nowadays PPP (Point to Point Protocol) is generally used [1]. For ISDN connections, rawip and syncPPP are normally used (see Section 6.2.5 page 157).

[1] SLIP (Serial Line Internet Protocol) is going more and more out of fashion.

In the next section we outline how to make a basic modem connection and use a terminal program to access a WAN. After that we go into some detail about configuring PPP, including a PPP server. Then the basics of e-mail, setting up a news system and fax capabilities are discussed.

6.1 PPP

PPP (Point-to-Point Protocol) enables you to establish a TCP/IP connection via a serial line. Client and server may communicate while establishing their connection and set up the parameters they need accordingly. The server may assign an IP address as well as a name to the client. Furthermore, PPP is a standard protocol (which SLIP isn't) and is normally the only protocol offered by ISPs.

The PPP daemon, pppd, which is used for communicating with various devices, plays a vital and central role in PPP connections. This daemon may serve either as server or client. To actually establish the connection, the program wvdial or chat is needed.

6.1.1 Requirements for Using PPP

The following items are needed to use PPP in SuSE Linux:

* The kernel needs to have support for TCP/IP and PPP included.
  This is the case with the standard kernel and the modules belonging to it - you do not need to compile a new kernel.
* The networking packages need to be installed. The packages that are required are package nkita and package nkitb, series a.
* The PPP base package, package ppp, series n, which includes pppd and chat script.
* The package wvdial, series n to establish and close down the connection.
* If ISDN is to be configured, refer also to Section 6.2.3 page 153.
* You need to know your login and password for the PPP server.

6.1.2 Further Information on PPP

PPP offers far more options and capabilities than we could list here. It would be beyond the scope of this book to even mention them all. If you need more capabilities or options, refer to the corresponding manuals and manpages: NET-3-HOWTO.gz and PPP-HOWTO.gz in /usr/doc/howto as well as the documentation in /usr/doc/packages/ppp.

More detailed information on PPP and its protocols may be found in the corresponding RFCs:

* RFC1144: Jacobson, V. "Compressing TCP/IP headers for low-speed serial links." 1990 February;
* RFC1321: Rivest, R. "The MD5 Message-Digest Algorithm." 1992 April;
* RFC1332: McGregor, G. "PPP Internet Protocol Control Protocol (IPCP)." 1992 May;
* RFC1334: Lloyd, B. Simpson, W.A. "PPP authentication protocols." 1992 October;
* RFC1548: Simpson, W.A. "The Point-to-Point Protocol (PPP)." 1993 December;
* RFC1549: Simpson, W.A. "PPP in HDLC Framing." 1993 December.

6.2 ISDN Configuration

In addition to its "normal" network capabilities, Linux can connect to your ISP via ISDN. Most of this may be set up in YaST, making ISDN configuration with SuSE Linux straightforward and easy.

This section refers mainly to a standard connection to your ISP via ISDN. Of course, there is lots more that can be done by isdn4linux.

Keep in mind that some of the procedures mentioned below may be "illegal". Every active card and its firmware are certified.
Passive ISDN controllers are certified if run with the software of the manufacturer. For those who need a certification, please use either an active ISDN card or connect the controller to your PBX.

ISDN has one great difference to a modem connection: once the network has been set up and configured, no additional commands are required. This is called "on demand". As soon as you launch a telnet session, for example, the connection will be established. This normally takes about three seconds. Thus, it is possible to let "normal" users establish a connection. You may set the idle time. This is the period of time after which the connection will be cancelled automatically, if all the processes that use the connection are idle.

While configuring your ISDN system, it is recommended that you keep an eye on messages in /var/log/messages. Just start another xterm or login on another console and enter:

    earth: # less +F /var/log/messages

The option +F causes the screen to display each new line "online", as it is written; you can leave this mode with Ctrl + c. Another option is to view the ISDN traffic graphically, with the program xisdnload.

Now, you will see each line as it is added to /var/log/messages.

6.2.1 Setting up ISDN - Step by Step

The following section provides a step by step guide to connecting to the Internet. Try this first. If it doesn't work, or if you need more detailed information, then read through the subsequent sections of this chapter.

1. As user `root', start the program YaST - if you are in KDE: press Alt + F2, then enter xterm. Start YaST in the new window.
2. Go to `System administration', `Integrate hardware into system' and then to `Configure ISDN hardware'.
3. Complete the mask. If you are not sure what to enter, documentation can be found in /usr/doc/packages/i4l and in the following sections of the handbook.
4. Then select `Start' in the window.
5. If this was successful (a positive message appears on the screen), then choose ISDN-Parameter.
6. Complete this mask as well.
7. Then select `Start' in the window.
8. If this works (another positive message appears), then select Save.
9. Go to the `Network configuration' menu, `Network base configuration'.
10. Create a new device (with F5) - ISDN SyncPPP. Press `RETURN' to reach the menu `Enter network addresses'.
11. Leave these settings as they are - the IP address of your local machine is 192.168.0.99, the address of the Point-To-Point partner is 192.168.0.1 - and only change the Default-Gateway to the same address as Address of the Point-To-Point partner (192.168.0.1).
12. Finish this by selecting `Continue'.
13. In the mask `Selection of network' you must activate the card with F4.
14. Save with F10.
15. Go to `Nameserver configuration', answer the question with `Yes'.
16. Enter the IP address of the nameserver (DNS) of your provider. If you do not know this, ask your provider. Usually this can be found on the web page of the provider.
17. End YaST. Enter init 1 in the terminal window. If KDE (and X) are running, they will be stopped.
18. Re-start the network with init 2 if you normally start X with startx. If you login using X Windows, however, then start with init 3.
19. If you start Netscape, for example, you can now surf on the Internet. If you also start xisdnload, you can monitor your connection status.
20. Some providers require you to specify the proxy server for your provider in Netscape: In Netscape, go to `Edit', `Preferences', `Advanced', `Proxies', `Manual Proxy Configuration' and then `View'.

Now your ISDN access should be running. Your connection to the Internet should be established automatically as soon as you enter an Internet address in Netscape, for example, and the connection will be closed if no data traffic occurs for more than 60 seconds. You can monitor this traffic with xisdnload!
If it doesn't work, please continue reading below!

6.2.2 Overview

SuSE Linux includes the package isdn4linux, which includes hardware drivers and network interfaces as well as modem emulation (digital modems only). It even includes software which provides the function of an answering machine.

The ISDN hardware driver is launched by /sbin/init.d/i4l_hardware (see Chapter 17 page 395).

Configuration of the ISDN part is done via isdnctrl (see manpage for isdnctrl (man isdnctrl)). The network interfaces are configured just like standard Ethernet interfaces by means of ifconfig (manpage for ifconfig (man ifconfig)) and route (manpage for route (man route)). On SuSE Linux, /sbin/init.d/i4l performs this task (see Chapter 17 page 395).

All actions taken are based upon entries in /etc/rc.config. These entry names resemble, where possible, the options of isdnctrl.

/sbin/init.d/route sets up the routing of the devices given in /etc/route.conf.

Establishing a connection is done by isdnctrl followed by /sbin/init.d/i4l, using settings from /etc/rc.config. You can see a list of these parameters by entering:

    earth: # isdnctrl list all

As soon as somebody requests an ISDN service (this may be either a user or an application), the connection is established.

6.2.3 Configuring ISDN Hardware

Requirements

To make a successful connection from SuSE Linux, you will need:

1. an ISDN connection
2. a supported ISDN controller
3. SuSE Linux installed
4. one of the SuSE Linux standard kernels (on CD)
   You don't need to compile a kernel! If you want to compile a kernel anyway, make sure you use the sources from package lx_suse, series d!
5. the package kernmod, series a
6. the package i4l, series n
7. the documentation found in package i4ldoc, series doc (recommended)

What you need to know:

* the type of your ISDN controller
* the controller settings: IRQ, port address, etc.
  (depends on the type)
* the ISDN protocol you use:
  - 1TR6: (old) national ISDN
  - DSS1: Euro-ISDN

Some of the PBXs (contrary to the documentation) still use 1TR6 instead of DSS1.

What is an MSN/EAZ?

With Euro-ISDN, you get an MSN (Multiple Subscriber Number), which normally is your telephone number without the prefix. If you just subscribed to ISDN, you will receive three different numbers. Any of them may be used for your ISDN connection, even if you use the same number as a telephone number, as they can be distinguished by their service indicator.

Normally, the ISDN controller is directly attached to an NTBA, but it is a good idea to connect another S0 bus to the PBX. If you use Euro-ISDN on your PBX, the MSN is normally the extension (direct call number).

For 1TR6, you have an EAZ (German: "Endgeraete Auswahl Ziffer" = end user selection number). Otherwise, they are treated the same. The EAZ is a single number. Just select one in the range of 1 to 7. Don't forget the 0!

6.2.4 Configuring ISDN Hardware with YaST

The driver itself is provided by a loadable kernel module. You don't need to reboot your system. Standard ISDN controllers are supported by the HiSax driver.

Some controllers, such as ICN and AVM-B1, as well as P'n'P cards, may not yet be configurable with YaST. They require special treatment. Please look at the settings for ISDN controllers later in this section.

Here are the individual steps:

1. Log in as user `root'.
2. Launch YaST.
3. Now select `System administration', `Integrate hardware into system' and `Configure ISDN hardware'. The menu structure is shown in Figure 6.1.

   Figure 6.1: Menu structure for ISDN configuration in YaST

4. Next, enter the following parameters:
   * Start I4L
     ISDN is only launched at boot if this field is active. This lets you control whether an ISDN connection should be started automatically at boot up.
   * ISDN protocol
     Here, you may choose either the old (national) German ISDN (1TR6) or the default Euro-ISDN (EDSS1). Keep in mind that connections via a PBX often still use 1TR6.
   * ISDN controller type
     Select the supported ISDN controller. Please look at /usr/doc/packages/i4l/README.SuSE concerning P'n'P controllers.
   * Controller ID
     You should leave this set to Tel0.
   * Interrupt, Memory base address, IO port, ISAC, HSCX
     Depending on the card in use, some additional settings may be required. Only the parameters available for the device are enabled. The others are disabled.
   * ISDN options
     This should be left empty!

   Pressing F1 will give you additional help. The configuration dialog is shown in Figure 6.2.

   Figure 6.2: Menu for ISDN configuration with YaST

5. Now, confirm by pressing `Start'.
   This is a test: the module will be loaded and a message in the window will tell you whether the card has been set up correctly.

   If OK: Confirm by pressing `Save'. Your settings will now be written to /etc/rc.config. They will remain current until you change them. After being tested, the driver remains loaded.

   If it fails: Check and change the parameters. Don't forget to look at /var/log/messages. (You did remember to open it, didn't you?) Possible problems may be:
   * On some boards the IRQs 12 or 15 cannot be used.
   * The given address or IRQ is already in use. Remove (for testing purposes) all controllers that are not immediately needed for testing (e.g., sound and network cards).
   * The module has already been loaded. To remove it, change to another console and enter:

         earth: # rmmod hisax

   * The card you use is a P'n'P device. See /usr/doc/packages/i4l/README.SuSE for more information.
   * Your card is not supported by HiSax (e.g., ICN, AVM-B1). See /usr/doc/packages/i4l/README.SuSE.
6. Exit YaST.
7. Configure isdnlog.
   You should configure isdnlog before launching the modules.
   Its task is to supervise all activities on the S0 bus system. You must now adapt the following files to your requirements:

   * /etc/isdn/isdn.conf:
     The first parameter sets the country where you will use your isdn4linux. If this is Germany, you should set it as specified in File contents 6.2.1.

         # /etc/isdn/isdn.conf
         [GLOBAL]
         COUNTRYPREFIX = +
         COUNTRYCODE = 49
         AREAPREFIX = 0

     File contents 6.2.1: /etc/isdn/isdn.conf

     Here (in the GLOBAL section), you also need to enter your area code AREACODE (the dialing prefix) without the leading zero. So if your area code is, for example, 0911 you will need to enter: AREACODE = 911. In Germany, this is the only part that needs to be adapted.

     CHARGEMAX = 20.00 lets you set the maximum amount of charges (in Deutsch Marks) that you will accept per day. Please do not rely on this feature!

   * /etc/isdn/callerid.conf:
     Here, you may enter every known telephone number. You will see their names instead of their MSNs in /var/log/messages when you launch isdnrep. See our example in File contents 6.2.2. Your number is 4711. The number of your ISP is 4712.

   * /etc/isdn/isdnlog.isdnctrl0.options:
     Here, you may enter options for isdnlog. This is normally not necessary.

         # /etc/isdn/callerid.conf
         [MSN]
         NUMBER = 4711
         SI = 1
         ALIAS = myself
         ZONE = 1

         [MSN]
         NUMBER = 4712
         SI = 1
         ALIAS = ISP
         ZONE = 1

     File contents 6.2.2: /etc/isdn/callerid.conf

8. Now enter the commands:

       earth: # init 1
       earth: # init 2

   thus restarting all network services. You could also activate ISDN with YaST or just reboot, if you prefer.

6.2.5 Setting up an ISDN Internet Connection

ISDN-Configuration for Your Internet Provider

Selecting a Protocol

This ISDN host offers three different modes:

* terminal login using X.75
* rawip-HDLC
* syncPPP

Of course, you may test any of these protocols, but it is recommended that you test the protocol offered by your ISP.

Requirements

* The ISDN hardware configuration functions.
* The ISDN driver has been loaded.
* You have your MSN/EAZ at hand.
* You know which protocol your ISP uses (syncPPP, rawip).
* You have the phone number of the ISP.
* You have your user name and password available.
* You know the Domain Name Server (DNS) of your provider.

These are the steps:

Figure 6.3: Network configuration with YaST

1. Start YaST and change to `System administration', `Network configuration', `Network base configuration'. See Figure 6.3 for a screen shot.
2. Choose a number not already in use, e.g., 4.
3. Now select the device `ISDN SyncPPP' by pressing F5.
4. Press F6 (`IP address') and enter:
   * IP address of your host: 192.168.0.99
   * IP address of the Point-to-Point partner: 192.168.0.1
5. Leave this window by pressing `Continue'.
6. Pressing F4 activates the network device if you haven't done so already.
7. F8 (`ISDN') lets you enter some ISDN-specific options. This is shown in Figure 6.4. Now enter the following:
   * Your own telephone number (MSN): e.g. 123456
   * Number to be called: 012345678
     You may need to dial a leading "0" for some PBXs.
   * Numbers that are allowed to call: Only needed for dial-in servers (and we are currently dialing out).
   * Only given numbers are allowed: Set this to make sure nobody starts an unwanted connection to your machine!
   * Dialling Mode: With auto, connections are made automatically if you try to access addresses which are normally only available via the ISDN interface. If manual is set, it is necessary to make the connection by hand, when required. With the off setting it is not possible to establish connections via this ISDN interface.
   * Idle time: After a period of no use (idle time), the connection will be closed.
   * Name of PPP login: Enter the user name for your provider.
   * Password of PPP login: Enter the password for your provider.

   Figure 6.4: Setting ISDN network parameters with YaST
     The password cannot be seen here, but is represented by asterisks. It is stored in the file /etc/ppp/pap-secrets.

   Press F1 to get additional help.
8. Confirm `Start'.
   Now a network test is launched. You will get an error message if anything goes wrong. There should not be any problems so far.

   If OK: Please confirm with `Save'. Now, your settings will be written to /etc/rc.config, and they will remain active until you change them. The settings remain active during and after the test.

   If it fails: For some reason, the ISDN modules were not loaded. Look for clues in /var/log/messages.
9. In YaST, go to the menu `Configuration nameserver' and answer the question with Yes. Enter the IP number of your provider's nameserver (DNS) here. If you don't know the IP number, you must ask your provider. Or you can ask someone who is already using Linux in the Internet to enter the following command in a terminal window (T-Online is used here as an example):

       whois t-online.de

   You will then receive a message containing lines as shown in File contents 6.2.3.

       domain:  t-online.de
       descr:   Deutsche Telekom AG, Telekom Online-Dienste
       descr:   Generaldirektion, GK361
       descr:   Postfach 2000
       descr:   D-53105 Bonn
       descr:   Germany
       admin-c: KHS252-RIPE
       tech-c:  JS691-RIPE
       zone-c:  FS340-RIPE
       nserver: dns00.btx.dtag.de

   File contents 6.2.3: Output of whois t-online.de

   In the line nserver: you can see the nameserver of your provider. Now all you need is the IP address for the name. To obtain this, enter the following command:

       host dns00.btx.dtag.de

   An answer is given, such as

       dns00.btx.dtag.de has address 194.25.2.129

   This (194.25.2.129) would then be the IP address of the nameserver for T-Online.

   If the connection does not work:
   * Check /var/log/messages for "strange looking" output.
   * Try again using rawip access.
   * Is the MSN/EAZ correctly set up?
   * Do you need to dial a 0 first?

   Further tips can be found in the Support Database.
   This is available at http://sdb.suse.de/sdb/en/html on our WWW server or via the SuSE help system (start by entering susehelp, or from the menu), assuming you have installed the package susehelp, series doc and the package sdb_en, series doc.
10. The connection has now probably worked. Then you should go back to YaST, press the `Save' button and close YaST.

Dynamic IP Numbers with syncPPP

In the case of dynamic IP addresses, the dummy addresses given for private use are just used as place markers until the connection is established.

Additional Information

Further information on how to configure your ISDN subsystem for an ISDN connection can be found from the following sources:

* File /usr/doc/packages/i4l/README.SuSE
* Support-Database: http://sdb.suse.de/sdb/en/html
* In the package i4ldoc (e.g. the ISDN-FAQ in the file /usr/doc/packages/i4ldoc/i4l-faq)
* /usr/doc/packages/inetcfg (package inetcfg): e.g.: T-Online via ISDN

6.2.6 ISDN Messages

A typical "error" message cause from HiSax consists of two parts, the location and the cause code. In the case of European ISDN this consists of 5 characters, Exxyy, whereby xx stands for the source of the error and yy for the cause of the message. HiSax always creates this output in hexadecimal form. Some messages are not really errors, but represent normal behavior for a telephone connection ("engaged", "connection ended by hanging up"). There is a manpage specifically for these messages, providing a complete list of errors: see manpage for isdn_cause (man isdn_cause).

6.3 Cable Modems

In some European countries, as well as USA and Canada, Internet access via the TV cable network is very common. Here is a step by step guide on how to get into the Internet with the Austrian Telekabel service. It ought to be transferable to other cable providers.
6.3.1 The Basics

The Telekabel participant receives a "modem" from the cable company which on one side is connected to the television cable, and on the other side, to a network card in the computer, by means of a 10Base-T cable (twisted-pair). This modem then represents a fixed line for the computer, usually with a fixed IP address.

Procedure for Installation

1. In case you already have a network card installed, carry on at item 8.
2. As user `root', start the program YaST - if you are in KDE: press Alt + F2, then enter xterm. Start YaST in the new window.
3. Go to `System administration', `Integrate hardware into system', `configure networking device'.
4. For `Network type', enter eth0.
5. For `Networking device type', select your card.
6. For `Module options', enter parameters such as IO port, etc.; on kernel parameters, see chapter 14 page 325. Attention: if you have a PCI card, you usually do not need to give any parameters.
7. Press `Continue'. Return to the YaST main menu (by pressing the Esc key twice).
8. Go to `System administration', `Network configuration', `Network base configuration'.
9. You will now be in the window `Selection of Network'.
10. Press F5 to set up the Ethernet device (if it is not yet entered there under `device name', e.g. eth0).
11. Press F3 and choose `DHCP'.
12. Press F4 to activate this device.
13. With F10 the configuration is saved.
14. Leave YaST by pressing the Esc key a few times.
15. You can now activate your network access by entering rcdhclient start. Then you can test the access, for example with ping www.suse.de.

This guide is for versions from SuSE 6.4. If you are still using version SuSE 6.3, however, one extra step must be performed. With YaST, set the rc.config variable to yes (see section 3.6.11 page 101 on how to do this). Then the network is made available each time you boot, without you having to enter a command specifically.
An alternative to this method - if your IP address, network mask and gateway are known, and are static - is to set up a fixed network configuration (see section 5.1 page 136). Find out from your cable operator if your IP address is a permanent one. The advantage of a fixed configuration: If there is a fault with cable access when booting, the boot process will continue normally, and as soon as the net problem has been remedied, you can immediately reach the Internet.

6.4 T-DSL, T-ISDN-DSL, ADSL...

Internet access using Digital Subscriber Line technologies (including T-ISDN-DSL, ADSL, etc.) under Linux is in development, although we can't give any direct support on these.

In our Support database you'll find an article covering this issue, including information on the newest developments. Read this article under http://sdb.suse.de/sdb/de/html/hoe_adsl_pppoe.html.

6.5 Connecting a Modem

Connecting a modem to your machine is very straightforward; the modem is connected to your machine via a serial cable. In YaST, you specify which interface to use (see Section 17.6, "Initializing Local Hardware (keyboard, modem, mouse, PCMCIA, etc.)", page 402). A link from the modem device is created to /dev/modem, thus letting you access your modem, no matter to which port it is connected.

There are so-called "WinModems" available commercially. These currently do not run under Linux. Please also take a look at http://www.suse.de/sdb/en/html/cep_winmodem.html

The usual terminal programs are minicom and seyon (but there are others as well).

minicom

Minicom is a simple-to-use terminal program which resembles the DOS program Telix. This is not an introduction to minicom but a short overview of how to configure it.

All users who want to use minicom have to be entered in the file /etc/minicom.users, which contains a list of which users can access which modem, and with what kind of permissions.
Minicom is configured as follows (only as user `root'):

    earth:/ # minicom -s

The settings are self-explanatory.

The key combination Ctrl + L does not work in xterm or rxvt, but does function in kvt and in the text console.

6.6 Connecting to the Internet: PPP with wvdial

The program wvdial is a very powerful tool used to make analogue PPP connections to Internet Service Providers (ISPs). Since these ISPs often use different settings in their PPP protocols, it can be very tiresome to find the correct options. wvdial now sorts this out by means of intelligent algorithms.

In the past, it was always necessary in Linux to specify the nameserver (DNS - Domain Name System) of the ISP when making the Internet connection. This is no longer necessary with wvdial; it automatically recognizes the nameserver of the provider, provided that this information is made available.

6.6.1 Configuration of wvdial

You can configure wvdial comfortably from YaST. You will find the menu under `System Administration', `Network configuration', `Configure a PPP network'. The menu is shown in Figure 6.5. Proceed as follows:

* Make sure that you have already installed your modem in YaST; either this was done in the course of the initial installation, or you can do it now (as described in Section 3.6.1, "Integrating Hardware into the System", page 89).
* Select the menu item `Configure the current Profile'.
* Enter the telephone number, user identification and password.
* Select the automatic nameserver configuration. If this doesn't work, you must specify the nameserver in YaST in the old way (cf. Section 3.6.3, "Network Configuration", page 95).
* Select your dialling mode. This is normally tone dialling.
* If you are connected to a PBX (private branch exchange), you should select the item `Modem on PBX (no dialtone)'; then no dialling tone is expected.
Figure 6.5: Wvdial Configuration

* For the dialling-in mode, normally `PPP-direct-PAP/CHAP' should be chosen.
* Close the sub-menu.
* After configuring the provider, you should go to modem recognition. Simply select the menu item `start modem recognition'.
* If this functions, then select the item `Run WvDial'. You will then see a window in which various messages appear.
* When you see the message that the PPP process has been started, you can start using the Internet.
* To check if the connection has really been made, you need to open a further terminal window (in KDE: Alt + F2 and then enter xterm). In the terminal window, enter:

      earth: # su

  and then the `root' password. Then you should enter:

      earth: # tail -f /var/log/messages

  Now you can view any system messages which may appear. As soon as you see lines with "Local IP:" and "Remote IP:" - each followed by an IP number - you can be quite sure that the connection to the Internet is running.
* End Internet access with Ctrl + c.
* If all this works, you can start Internet access from the command line by simply entering wvdial, and stop it with Ctrl + c. If you want to be able to do this as a normal user as well (i.e. not as `root'), then you must enter the appropriate user with YaST in the groups `uucp' and `dialout' (cf. Section 3.6.8, "Group Administration", page 100).
* You can change your configuration later on without YaST, using the program wvdial.lxdialog, or in graphical form, with wvdial.tcl. These can only be run as `root'.

Documentation on wvdial can be found in the directory /usr/doc/packages/wvdial.

wvdial for Normal Users, and Security

If you want normal users apart from `root' to be able to make PPP connections with wvdial, then you must, using YaST, enter the relevant user in the groups `uucp' and `dialout'; see Section 3.6.8 page 100.
These users then also have access to the file /etc/wvdial.conf, which normally contains the login and password for Internet access. To increase security you can move the password to a protected file:

1. Change to the directory /etc/ppp and, as user `root', create the file wvpw with the file permissions 600:

       earth: # cd /etc/ppp
       earth:/etc/ppp # touch wvpw
       earth:/etc/ppp # chmod 600 wvpw

2. Open the file wvpw with an editor and enter only the password there, then save the file.
3. Check to see if the permissions for the file wvpw are correct;

       earth:/etc/ppp # ls -l wvpw

   should give you confirmation of this; see Output 6.6.1.

       -rw------- 1 root root 7 Jan 18 17:20 wvpw

   Screen output 6.6.1: Output of ls -l wvpw

4. Repeat the configuration as described in Section 6.6.1 page 163; as your password, however, enter @/etc/ppp/wvpw (that's right, with the "at" symbol in front). This informs wvdial that the password should be taken from this file.

Modem Always Beeps Loudly

If your modem loudspeaker is too loud during connection, you can edit the file /etc/wvdial.conf and insert the line

    Init3 = ATM0

This command switches your modem loudspeaker off.

6.6.2 Using Different Providers with wvdial

wvdial can look after any number of parameter sets. To do this, you can add additional sections in the file /etc/wvdial.conf, next to the section Dialer Defaults. When starting wvdial with the name of such an extra section, first the parameters from the "default" section are read. All parameters which are mentioned again in the additional section overwrite the previous values.

Here is a small example for T-Online and the Call-by-Call-Provider, Arcor (File contents 6.6.1, page 166). In this the YaST configuration is created. The file is extended manually with the lines in File contents 6.6.2, page 166.
    [Dialer Defaults]
    Modem = /dev/ttyS0
    Init1 = ATZ
    Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 S11=55 +FCLASS=0
    Init3 = ATM0
    Compuserve = 0
    Tonline = 1
    Dial Command = ATX3DT
    Baud = 115200
    Auto DNS = 1
    Stupid Mode = 0
    New PPPD = 1
    Phone = 0,0191011
    Username = ????????
    Password = ???????

File contents 6.6.1: /etc/wvdial.conf: Standard section

    [Dialer arcor]
    Phone = 010700192070
    Username = arcor
    Password = internet

File contents 6.6.2: /etc/wvdial.conf: Additional section

If wvdial is called up without parameters, a connection is made to T-Online. If you enter wvdial arcor a connection is made to Arcor.

You should also have a look at the manpage for wvdial (man wvdial).

6.6.3 ISDN Terminal Adapter

These devices allow an ISDN connection. In contrast to normal ISDN adapters, the computer and adapter are connected via a serial cable. Although the adapters basically simulate an analog modem, these adapters have special features; e.g.

* they need special commands to allow a point-to-point connection and
* by default, they issue expanded CONNECT messages.

For this reason the modem configuration must be adjusted:

1. Do not use the automatic modem detection, which would otherwise be performed via YaST, in the menu item `System administration' / `Network configuration' / `Configure a PPP network' / `Autodetect Modem'.
2. Specify your modem interface in YaST in the menu `System administration' / `Integrate hardware into system' / `Modem configuration'.
3. Log in as `root'.
4. Create the file /etc/wvdial.conf by hand; this file is normally generated automatically. The file should have the same contents as displayed in File contents 6.6.3, page 167.
    [Dialer Defaults]
    Modem = /dev/modem
    Baud = 115200
    Init1 =
    Init2 =
    ; Phone =
    ; Username =
    ; Password =

File contents 6.6.3: /etc/wvdial.conf: Terminal adapter

For Init1 and Init2 you must, according to the device, enter the following values:

Vendor ELSA: ELSA MicroLink ISDN/TLpro and ISDN/TLV.34:

    Init1 = AT&F\N10%P1
    Init2 = AT\V0

Vendor ELSA: ELSA TanGo 1000 and ELSA TanGo 2000:

    Init1 = AT&F$IBP=HDLCP
    Init2 does not apply

Vendor Zyxel: all models:

    Init1 = AT&FB40
    Init2 = ATXO

Vendor Hagenuk: Speed/Viper Dragon:

    Init1 = ATZ
    Init2 = AT&FB8X0

Other Vendors: You can look up the "initstring" specified by the vendor in the adapter documentation. Sometimes scripts for Unix or Linux are also included, from which this string can be taken. Or you can take a look at which initstring the adapter uses when it dials from a different system, for example in MS-Windows.

All other configuration steps should be carried out as described in the handbook.

Note: an ISDN-TA (phone adapter) should not be confused with a PBX device with an inbuilt ISDN card. Although these are connected via a serial cable, they use a proprietary protocol via the serial port, which is why they cannot be used in Linux. The CAPI driver that is included with them must be installed on the PC, and the vendors do not currently offer one for Linux. This concerns the following devices:

* Eumex 404 PC
* Eumex 322 PCi
* AVM Fritz!X PC
* Dr. Neuhaus Triccy Data LCR

6.6.4 Configuring PCI Modems

The IRQ and IO addresses of the serial ports are set by default in Linux to the values which are used by ISA cards. These values are a semi-standard and in many PCs they ensure that no resource conflicts arise. Resources for PCI cards, however, are assigned by the BIOS at boot time, and do not necessarily match the traditional values if the BIOS alone is left to decide.

You should therefore proceed as follows when configuring wvdial:

1. Ascertain the actual values which the BIOS has assigned to the serial port, using the command scanpci -v. You need the interrupt (IRQ) and IO addresses (IO port).

2. Integrate the modem, using YaST via the items `System administration' / `Integrate hardware into system' / `Modem configuration'. When doing this make note of a possible serial mouse and other serial ports; in case of doubt, select /dev/ttyS2, in order to avoid any conflicts with additionally inserted, standard interface cards.

3. The command setserial can be used to change the settings of the serial port. If the modem, for example, occupies IRQ 5 and the IO address 0x220, but the kernel expects interrupt 4 and port 0x02f8, you can remedy this with the command

    earth: # setserial /dev/ttyS2 irq 5 port 0x220

   This command, however, now needs to be carried out every time the computer is started. To do this, you could make an entry in the file /sbin/init.d/boot.local, or as an alternative you can adjust the file /sbin/init.d/serial, in the start section:

    run setserial /dev/ttyS2 irq 5 port 0x220

   You can find more information on setserial in the manpage for setserial (man setserial).

4. To test if the configuration of the port is correct, you can enter wvdialconf /dev/null. Then all ttySx ports are checked, and your modem should be detected.

Hint: As an alternative to configuring with setserial, you can change the IRQ settings in the BIOS. This is only possible if your BIOS allows this, and the IO addresses do not have to be changed. To do this, you have to know in which PCI slots your interface cards are located. In the setup program of some BIOSes there is a submenu in which the settings of the PCI ports are determined. Here you can assign a specific interrupt (IRQ) to each slot. In most cases this will be IRQ 3 or IRQ 4. The next time the computer starts, the actual IRQ is adjusted to the one which is set.
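The password arrangement from the wvdial sections above (Password = @/etc/ppp/wvpw, file mode 600, and extra [Dialer ...] sections that may carry passwords of their own) can be checked mechanically. The following shell functions are an added example, not part of the original manual or of wvdial; the function names, the EXPECT_UID variable and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: report how each [Dialer ...] section of a wvdial.conf stores
# its password. The password itself is never printed. One line per entry:
#   <section>: INLINE                         password stands in the conf file
#   <section>: FILE-OK <path>                 @file, mode -rw-------, expected owner
#   <section>: FILE-WEAK <path> <mode> uid=N  @file, but mode or owner is wrong
#   <section>: FILE-MISSING <path>            @file, but the file does not exist
# audit_wvdial returns 0 only if every Password entry is FILE-OK.

EXPECT_UID=${EXPECT_UID:-0}   # assumption: the password file belongs to root

audit_wvdial() {
    conf=$1
    tab=$(printf '\t')
    report=$(
        awk '
            BEGIN { sec = "(no section)" }
            /^[ \t]*\[/ {                 # section header such as [Dialer arcor]
                sec = $0
                sub(/^[ \t]*\[/, "", sec); sub(/\][ \t]*$/, "", sec)
                next
            }
            /^[ \t]*Password[ \t]*=/ {
                val = $0
                sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
                if (substr(val, 1, 1) == "@") print sec "\tfile\t" substr(val, 2)
                else                          print sec "\tinline\t-"
            }' "$conf" |
        while IFS=$tab read -r sec kind path; do
            if [ "$kind" = inline ]; then
                printf '%s: INLINE\n' "$sec"
            elif [ ! -e "$path" ]; then
                printf '%s: FILE-MISSING %s\n' "$sec" "$path"
            else
                # the same check the chapter does by eye with ls -l wvpw;
                # -n prints the numeric owner, -d stops ls listing a directory
                meta=$(ls -ldn -- "$path" | awk '{ print substr($1, 1, 10), $3 }')
                mode=${meta% *}
                uid=${meta#* }
                if [ "$mode" = "-rw-------" ] && [ "$uid" = "$EXPECT_UID" ]; then
                    printf '%s: FILE-OK %s\n' "$sec" "$path"
                else
                    printf '%s: FILE-WEAK %s %s uid=%s\n' "$sec" "$path" "$mode" "$uid"
                fi
            fi
        done
    )
    [ -n "$report" ] || return 0
    printf '%s\n' "$report"
    if printf '%s\n' "$report" | grep -qv ': FILE-OK '; then
        return 1
    fi
    return 0
}

# Constructed sample: four dialer sections in a scratch directory, one of each kind.
audit_wvdial_demo() (
    d=$(mktemp -d) || exit 2
    cd "$d" || exit 2
    echo constructed-secret > wvpw;   chmod 600 wvpw
    echo constructed-secret > wvopen; chmod 644 wvopen
    cat > wvdial.conf <<'EOF'
[Dialer Defaults]
Username = example-user
Password = @wvpw
[Dialer arcor]
Username = arcor
Password = internet
[Dialer backup]
Password = @wvopen
[Dialer old]
Password = @removed
EOF
    EXPECT_UID=$(id -u)      # demo only: the scratch files are ours, not root's
    rc=0
    audit_wvdial wvdial.conf || rc=$?
    cd / && rm -rf "$d"
    exit "$rc"
)

if [ "$#" -gt 0 ]; then audit_wvdial "$1"; else audit_wvdial_demo || true; fi
```

Run as root with /etc/wvdial.conf as the argument to audit the real file; a non-zero exit status means at least one section still needs the @file treatment or a chmod 600.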
6.6.5 Manual PPP Configuration for Experts

If your Internet connection with wvdial does not work, for whatever reason, you can configure PPP here manually. If you have the choice, however, we still recommend wvdial.

Some sample configurations and scripts are located in package inetcfg, as well as in package ppp nt.

Notes on T-Online

The T-Online user name consists of the "Anschlusskennung" (Connection ID) followed by the telephone number of the T-Online access (DxJ number), followed by the "Mitbenutzernummer" (User Number) (4 digits). If the telephone number is shorter than 12 digits you need to add a # at the end. Aliases apparently don't work. An example:

    Name:     01234567890123456789012#0001
    Password: the normal T-Online password

Here is a list of the T-Online servers taken from our Support Database. You might need these servers for your browsers and other tools.

    Nameserver:   dns00.btx.dtag.de    194.25.2.129
    SMTP server:  mailto.btx.dtag.de   send mails
    POP server:   pop.btx.dtag.de      receive mails via "popclient"
    NNTP server:  news.btx.dtag.de     News server

If necessary and/or possible you should enter the proxy sites as well:

    FTP proxy:    ftp-proxy.btx.dtag.de     FTP proxy
    HTTP proxy:   www-proxy.btx.dtag.de     WWW proxy
    Wais proxy:   wais-proxy.btx.dtag.de    Wais proxy
    Gopher proxy: gopher-proxy.btx.dtag.de  Gopher proxy

Creating a Connection

There are two steps involved in creating a PPP link.

* First, the connection between both modems is established. This part is performed by chat.
* When the connection is up and running, chat takes care of the login procedure with the server, and then passes control over to the PPP daemon. The daemon then initializes the PPP protocol.

After installation of package inetcfg you will find the script ppp-up in /usr/doc/packages/inetcfg. Now copy this script to /etc/ppp and adapt it to your needs.
The script ppp-up then establishes the PPP connection:

    #!/bin/sh
    ## /etc/ppp/ppp-up
    ## Establishing a PPP-connection
    #
    localip=0.0.0.0
    remoteip=
    device=/dev/modem
    pppflags="38400 modem debug defaultroute"
    /usr/sbin/pppd lock connect '/usr/sbin/chat -v -f /etc/ppp/ppp.chat' $device $pppflags $localip:$remoteip

File contents 6.6.4: /etc/ppp/ppp-up

First, the IP addresses of the client and server are set. If 0.0.0.0 is entered for the client, and the server address is empty, pppd obtains both these addresses from the server. If the addresses are fixed, or a dynamic address allocation is not what you want, you have to enter the appropriate number here instead.

Then the device to which the modem is connected is specified. The flags tell pppd to operate the modem at a speed of 38400 bps and to write the PPP connection into the kernel's routing table as the default route.

pppd has many more options and flags. A detailed description can be found in the manpage for pppd (man 8 pppd) and the PPP Howto. Our example, however, should work in most cases.

Then chat takes on the task of establishing the modem connection. The script /etc/ppp/ppp.chat determines how this is done:

    TIMEOUT 30
    ABORT "NO CARRIER"
    ABORT BUSY
    ABORT "NO DIALTONE"
    ABORT ERROR
    "" +++ATZ
    OK ATDT49911123456
    CONNECT ""
    ogin:--ogin:
    word:

File contents 6.6.5: /etc/ppp/ppp.chat

The ABORT lines determine the modem answers for which the connection is considered to have failed. With the line +++ATZ the modem is initialized. The line ATDT<499113247122> dials the server. If the string CONNECT is received by the modem, then the login process can begin. First the login name and then the password is sent to the server. More information about chat can be found in the manpage for chat (man 8 chat).

If both files are suitably configured and their attributes set properly, then all you need to make the connection is to run the script ppp-up.

If you have installed ppp-up in /etc/ppp/ppp-up, as described in this chapter, it will not be in your PATH; for this reason you must specify the full path name:

    earth:/root # /etc/ppp/ppp-up

You should set the attribute `x' of this file beforehand with:

    earth:/root # chmod 755 /etc/ppp/ppp-up

The connection is closed by stopping the PPP daemon. This can be done, for example, with the script /etc/ppp/ppp-down:

    #!/bin/sh
    ## /etc/ppp/ppp-down
    ## Terminating PPP-connection
    #
    kill `cat /var/run/ppp0.pid`

File contents 6.6.6: /etc/ppp/ppp-down

Make sure you don't forget the ` character. This is known as a command substitution, by means of which the output of cat /var/run/ppp0.pid is passed to the kill program.

Customizing the chat Script

The script /etc/ppp/ppp.chat needs to be adjusted to your personal details, of course. Besides login name and password the whole login sequence might be different. In some rare cases it might be necessary to start the ppp protocol on the other side (e.g. with ppp default). All this cannot be described in general terms.

Unless special authentication processes, such as PAP or CHAP, are used, the login sequence is similar to a normal terminal login, except that this is done automatically by the script, rather than by hand. For this reason you can proceed as follows:

* Read carefully the information from your service provider, and ask them if there is a script already adapted to your needs. If this is the case we are very interested in feedback, so that we can collect these scripts for our distribution.
  The scripts we have collected so far can be viewed directly in our Support DataBase: http://sdb.suse.de/sdb/en/html
* Please have pencil and paper at hand!
* Take one of the terminal programs (e.g. minicom) and log in manually. Please note exactly what is sent by your provider, in what order, and what input is needed from your side. Most terminal programs (including minicom) enable you to automatically log all the text on your screen. With minicom, this is achieved by Ctrl-A L.
* Continue doing so until the remote station changes into ppp mode, which normally happens when a message such as "ppp-protocol started" is seen.
* The existing connection is now killed, i.e., hung up (minicom: Ctrl-A H).
* End the terminal program (minicom: Ctrl-A X).
* Using this log, you can now customize your chat script.

A few more explanations concerning chat:

First chat is initialized

    TIMEOUT 30
    ABORT "NO CARRIER"
    ABORT BUSY
    ABORT "NO DIALTONE"
    ABORT ERROR

The TIMEOUT is dependent on the time needed for the connection to be made, and in some cases has to be increased (e.g. to 60). The ABORT commands define which replies from the modem will terminate the script.

The next lines almost always resemble the following syntax:

The first parameter (up to the first "white-space") defines what message the modem is to wait for. If this string is sent by the modem, the rest of the line will be processed.

    "" +++ATZ

Here no string is awaited, the modem is initialized immediately. This depends on your modem type and on the profiles stored in it. Normally ATZ profile 0 (when it is switched on) is loaded. You might need to make some changes here. It is best to compare this string with terminal programs that are already running (e.g. your existing DOS or Windows software).

If your modem does not do what you want it to, this could be due to a misconfigured modem (here an ATZ command is no use). Entering AT&F (in minicom, for example) resets the modem to its factory settings.

Now you can dial and start the login sequence, for example:

    OK ATDTtelephonenumber
    CONNECT ""
    ogin:--ogin: account
    word: accountpasswd

Obviously, you need to replace telephonenumber, account and accountpasswd with your own values. Be aware that here only word is looked for, because the remote station could send Password, password or just word. The line ogin:--ogin: ought to be flexible enough because it sends a return if the first string (ogin) is not found, and then stands by waiting for ogin again.

Further information and examples can be found in the manpage for chat (man 8 chat). Here you will find the encouraging comment: "In actual practice, simple scripts are rare."

The script should not contain any blank lines, blanks (white spaces) at the beginning of a line, or comments!

Now test the connection with the command /etc/ppp/ppp-up. Any error messages (from the chat script, for example) will not be shown on screen, but in /var/log/messages. It is useful to have a second terminal running, where you can enter the command tail -f /var/log/messages; then you can immediately see if any important messages are displayed.

6.7 Masquerading and Firewalls - Friends and "Friends"

Many users of SuSE Linux use their computers to dial in to the Internet or a router for leased-line access. Often when doing this, private IP addresses are used in the local network; these can, therefore, not access the Internet directly. To allow such access for the internal network there is the possibility of "masquerading". You should install the package firewals from series sec for this. This package contains a script for masquerading and firewalls. Both are controlled by the configuration file /etc/rc.firewall. It is sensible to set up a firewall at the same time, so that the system is better protected against attacks from the outside.
You really should read the documentation on this in /usr/doc/packages/firewals.

There is no guarantee that the procedures given here work and do no harm. So if a hacker gets into your system, even though you did follow the rules, do not blame the authors. We would highly appreciate it, instead, if you would tell us the details of your experiences at feedback@suse.de!

6.7.1 The Basics of Masquerading

You need to have two different network devices for masquerading. At least one of them is an Ethernet card, to which the inner (internal) network is connected. As a network address, this network should use a private address reserved for this purpose, e.g. 192.168.0.0 to 192.168.255.255.

In the configuration example we are assuming that the router (which we are going to configure here) is set to the address 192.168.0.1 for the network card pointing to the internal network. The computers of the internal network then have IP addresses such as 192.168.0.2 or 192.168.0.3, etc.

The external network device is, for example, the ISDN card, which is used for Internet access, or a leased line connected to an Ethernet network card, which is what we have assumed in our example. Its configuration is explained below.

6.7.2 The Basics of the Firewall

Strictly speaking this package does not contain a "firewall", but a "packet filter". A packet filter firewall protects the network from unauthorized access to IP addresses and ports which have not been explicitly enabled. If your computer is a web server, however, and you make port 80 available for this computer (which you must do, in order for the web server to be accessible from the outside), then this computer will not be protected against attacks on this port, of course.

This packet filter firewall cannot, and is not intended to, replace a firewall on the application level; such a firewall should be set up by a professional.
It is, however, reassuring for the security of your system to use this firewall for home use.

6.7.3 Configuring Masquerading and/or the Firewall

Documentation on the SuSE firewall can be found in /usr/doc/packages/firewall; theoretical considerations are presented in chapter 18.1 page 413 pp.

The entire configuration is done in /etc/rc.firewall and is in English. Here is a step by step guide on how to configure the firewall. Each item specifies whether it is for masquerading or firewall. In the configuration file there is also mention of a DMZ ("Demilitarized Zone"), which we won't go into further at this point.

If you really only need masquerading, then just fill out those lines marked with masquerading.

* FW_START (Firewall, Masquerading): Set to yes for this script to be started; this is how firewall and/or masquerading is enabled.
* FW_DEV_WORLD (Firewall, Masquerading): For example eth0. This is the device which points out to the Internet. For ISDN this is, for example, ippp0.
* FW_DEV_INT (Firewall, Masquerading): The device which points to the internal, "private" network. If no internal network is present (e.g. the firewall is protecting just this computer), leave this empty.
* FW_ROUTE (Firewall, Masquerading): If you need masquerading, you must enter yes here. For a firewall without masquerading, enter yes only if you want to allow access to the internal network. This only works if the internal computers have officially assigned IP addresses. Normally you should not allow access from outside to the internal machines. If you enter yes here because of masquerading, your internal computers are still not visible from outside, because these have private network addresses (e.g. 192.168.x.x) and therefore cannot be routed in the Internet.
* FW_MASQUERADE (Masquerading): If you need masquerading you must enter yes here. Note that it is safer if the computers of the internal network access the Internet via a proxy server.
* FW_MASQ_NETS (Masquerading): Enter the computers and/or networks for which masquerading should be carried out. Separate individual entries with a space. Example: FW_MASQ_NETS="192.168.0.0/24 192.168.10.1"
* FW_PROTECT_FROM_INTERNAL (Firewall): Enter yes here if you want to protect the firewall computer from attacks from the internal network. Then you must explicitly release the services which are to be made available to the internal network. See also FW_SERVICES_INTERNAL_TCP and FW_SERVICES_INTERNAL_UDP.
* FW_AUTOPROTECT_GLOBAL_SERVICES (Firewall): Normally you can leave this set to yes.
* FW_SERVICES_EXTERNAL_TCP (Firewall): Enter the services here which are to be accessed; e.g. "www smtp ftp domain 443". For the computer at home, which should not offer any services, you will normally leave this empty.
* FW_SERVICES_EXTERNAL_UDP (Firewall): If you are not operating a name server which needs to be accessed from outside, leave this blank. Otherwise you should add the necessary ports here.
* FW_SERVICES_INTERNAL_TCP (Firewall): See details on the variable FW_SERVICES_EXTERNAL_TCP, but access is controlled from the internal network.
* FW_SERVICES_INTERNAL_UDP (Firewall): See above.
* FW_TRUSTED_NETS (Firewall): Here you should enter the computers which you can really trust ("Trusted Hosts"). Note that these computers also need to be protected from intruders. Example: "172.20.0.0/16 172.20.1.1" means that all computers whose IP addresses start with 172.20.x.x and the computer with the IP address 172.20.1.1 are allowed through the firewall.
* FW_SERVICES_TRUSTED_TCP (Firewall): Here you can specify the TCP port addresses which may be used by the "Trusted Hosts". Enter, for example, 1:65535 if the trusted computers are allowed to access all services. Normally it is sufficient if you enter ssh as the service.
* FW_SERVICES_TRUSTED_UDP (Firewall): As above, but refers to UDP.
* FW_ALLOW_INCOMING_HIGHPORTS_TCP (Firewall): If you want to have normal (active) FTP, then you should enter ftp-data here.
* FW_ALLOW_INCOMING_HIGHPORTS_UDP (Firewall): Enter dns in order to be able to use the name servers specified in /etc/resolv.conf. With yes you enable all high port numbers.
* FW_SERVICE_DNS (Firewall): If a name server is running which is to be accessed from outside, enter yes here; at the same time port 3 must be enabled in FW_TCP_SERVICES_*.
* FW_SERVICE_DHCLIENT (Firewall): If you use dhclient to obtain your IP address, then you must enter yes here.
* FW_LOG_*: Here you can determine what you want to log. For normal operation, setting yes in FW_LOG_DENY_CRIT is sufficient.
* FW_STOP_KEEP_ROUTING_STATE (Firewall): If you access the Internet automatically with diald or via ISDN (dial on demand), then enter yes here.

That's it. Don't forget to test the firewall (e.g. with telnet from outside); you should then see something like the following entries in /var/log/messages:

    Feb 7 01:54:14 www kernel: Packet log: input DENY eth0 PROTO=6 129.27.43.9:1427 195.58.178.210:23 L=60 S=0x00 I=36981 F=0x4000 T=59 SYN (#119)

6.8 Let's Write - Configuration of e-mail

If a connection to the outer world has been established, be it via PPP, UUCP, or ISDN, it should be used to do something. A rather typical application is electronic mail, or e-mail. This section describes the configuration of sendmail. [2]

sendmail has to decide how to deliver incoming and outgoing electronic mail. This might be either via a TCP/IP network using the SMTP protocol, or by using another transport agent, such as UUCP.

sendmail's main configuration file is called /etc/sendmail.cf. If you have a normal and simple configuration, you may set up the necessary parameters using YaST. YaST then creates a valid /etc/sendmail.cf for you.
All settings are written to /etc/rc.config and YaST will create the file /etc/sendmail.cf for you, using the parameters given there.

As sendmail configuration is rather complex, SuSE provides two preconfigured settings that should be sufficient in most cases.

If you plan to use sendmail within a TCP/IP network, make sure you have a valid DNS server. Here, you need to set up one MX record ("mail exchange record") entry per name. The current settings may be checked with the host command (in package bind):

    earth: # host helios.cosmos.com
    helios.cosmos.com address 192.168.0.1
    helios.cosmos.com mail is handled (pri=10) by helios.cosmos.com
    helios.cosmos.com mail is handled (pri=100) by mail-relay.cosmos.com

[2] There are alternatives to sendmail, two being smail and qmail. These are not covered in this book.

If there is no entry for mail, you should ask your system administrator for help.

The following electronic mail variables may be set by YaST in /etc/rc.config (see Section 17.6 page 400):

* SENDMAIL_TYPE="yes"
  This variable has to be set to yes if the sendmail configuration file is to be created using the values in /etc/rc.config. If you want to create a /etc/sendmail.cf yourself, answer no here.

* SENDMAIL_LOCALHOST="localhost www.cosmos.com"
  sendmail needs to know which electronic mail should be stored locally and which needs to be delivered to another host. Only electronic mail to the local host itself is saved locally by default. By entering a list in SENDMAIL_LOCALHOST, you can configure other names that should be considered a local host.
  Example: the name of the machine is helios.cosmos.com. It serves as a WWW site for www.cosmos.com. To accept electronic mail that is sent to www.cosmos.com, you need to enter the following line: SENDMAIL_LOCALHOST="localhost www.cosmos.com".

* FROM_HEADER=cosmos.com
  Normally, the local machine's name is used as the from header. This may be set to a different name.
  Example: The machine's name is earth.cosmos.com. You want to send electronic mail as newbie@cosmos.com. This may be achieved with the parameter: FROM_HEADER=cosmos.com.

* SENDMAIL_SMARTHOST=mail-server.provider.de
  sendmail asks for the DNS names of every mail that is not delivered locally and tries to send the electronic mail via the SMTP protocol. This host might be anywhere on the Internet and could have a rather slow connection to the local host. Setting this parameter allows you to set up an intermediate host that gets all your outgoing mail. Then this host becomes responsible for delivering your electronic mail.
  First example: This is for a dialup connection. Thus, you deliver all of your electronic mail directly to your ISP: SENDMAIL_SMARTHOST=smtp:mail-server.provider.de.
  Second example: If you are connected via UUCP, you may send all electronic mail that is not local to your UUCP server: SENDMAIL_SMARTHOST=uucp-dom:uucp.cosmos.com.

* SENDMAIL_NOCANONIFY=no
  sendmail tries to resolve each and every e-mail address from the mail header and replaces each name with its "Fully Qualified Domain Name" (FQDN). If there is no DNS server available (due to a dialup connection perhaps) and you enter the name correctly, you may switch this off by setting it to yes.

* SENDMAIL_ARGS="-bd -q30m -om"
  This is how sendmail will be invoked at bootup. -q30m tells sendmail to check /var/spool/mqueue every 30 minutes for waiting electronic mail. -bd starts sendmail in "daemon mode"; this enables you to accept electronic mail via the TCP/IP network.
  If you only have a dialup connection, you may omit the -q30m and invoke sendmail directly with sendmail -q. This might be done via a crontab entry once or twice a day. In addition, you may enter sendmail -q into your scripts that establish the connection to your ISP. This lets you exchange electronic mail every time you connect to the net.

* SENDMAIL_EXPENSIVE=no
  Normally, sendmail tries to deliver the electronic mail immediately via SMTP. If you are only temporarily connected, this might not be what you need, as a connection will be established each time you write an electronic mail. If you set this to yes the mail will be queued in /var/mqueue and delivered as soon as you launch sendmail -q.

All locally delivered electronic mail is handled and saved to the local electronic mail folder /var/spool/mail/ by procmail. Please have a look at the manpage for procmailrc (man procmailrc), the manpage for procmail (man procmail) as well as the manpage for procmailex (man procmailex) for a description of this extremely versatile tool.

If you do not deliver remote electronic mail immediately, it is saved to the queue directory /var/mqueue and delivered at the next run of sendmail. You could also launch sendmail directly by entering sendmail -q.

There are further settings that can be made, for example in /etc/aliases and some other files in /etc/mail/. There are commented examples included in these files. Some files need to be translated to databases using the makemap tool. This is invoked automatically if you start SuSEconfig or when you leave YaST.

If you need a more complex configuration of sendmail, you should disable the automatic setup of /etc/sendmail.cf by setting SENDMAIL_TYPE=no. Then you may use /etc/mail/linux.mc as a template for your configuration. linux.mc is written using m4 commands.

    earth: # m4 /etc/mail/linux.mc > /etc/sendmail.cf

creates a valid sendmail configuration by using the macros in /usr/share/sendmail.

Further documentation may be found in /etc/mail, /usr/share/sendmail as well as /usr/doc/packages/sendmail. There is a web site at http://www.sendmail.org/. If you need to set up even more complex configurations, you will also need the sendmail book from O'Reilly. [3] This describes sendmail in all its gory detail.
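For the firewall test in section 6.7.3, where denied packets appear as "Packet log:" entries in /var/log/messages, the entries can be condensed into one line per source and target port. The shell function below is an added example, not part of the original manual or of the firewals package; the field order is read off the sample line printed in that section, and every sample line except the first is constructed.

```shell
#!/bin/sh
# Added example: summarise the packets the packet filter refused, from syslog
# lines in the format shown in section 6.7.3:
#   ... kernel: Packet log: <chain> <action> <iface> PROTO=<n> <src>:<port> <dst>:<port> ... [SYN] (#rule)
# Output, most frequent first:  <count> <proto>/<dst-port> <src-ip> <iface> syn=<n>
# For ICMP (PROTO=1) the two "port" fields carry type and code instead.

summarize_denies() {
    awk '
        {
            # Skip the syslog prefix: locate the "Packet log:" marker.
            for (i = 1; i < NF; i++)
                if ($i == "Packet" && $(i + 1) == "log:") break
            if (i + 7 > NF) next                  # not a packet-filter line
            action = $(i + 3); iface = $(i + 4); proto = $(i + 5)
            if (action != "DENY" && action != "REJECT") next
            sub(/^PROTO=/, "", proto)
            if      (proto == "6")  proto = "tcp"
            else if (proto == "17") proto = "udp"
            else if (proto == "1")  proto = "icmp"
            split($(i + 6), src, ":")
            split($(i + 7), dst, ":")
            key = proto "/" dst[2] " " src[1] " " iface
            count[key]++
            # A SYN flag marks a new connection attempt rather than stray traffic.
            for (j = i + 8; j <= NF; j++)
                if ($j == "SYN") syn[key]++
        }
        END {
            for (key in count)
                print count[key], key, "syn=" (syn[key] + 0)
        }' "$@" | sort -k1,1nr -k2
}

# Constructed sample input. Only the first line is the one printed in the
# chapter; the others are made up, with documentation addresses as sources.
deny_demo() {
    summarize_denies <<'EOF'
Feb 7 01:54:14 www kernel: Packet log: input DENY eth0 PROTO=6 129.27.43.9:1427 195.58.178.210:23 L=60 S=0x00 I=36981 F=0x4000 T=59 SYN (#119)
Feb 7 01:54:17 www kernel: Packet log: input DENY eth0 PROTO=6 129.27.43.9:1427 195.58.178.210:23 L=60 S=0x00 I=36984 F=0x4000 T=59 SYN (#119)
Feb 7 02:10:03 www kernel: Packet log: input DENY eth0 PROTO=17 192.0.2.77:1030 195.58.178.210:53 L=62 S=0x00 I=4411 F=0x0000 T=52 (#119)
Feb 7 02:10:09 www kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.20:3301 195.58.178.210:111 L=60 S=0x00 I=977 F=0x4000 T=55 SYN (#119)
Feb 7 02:11:40 www kernel: Packet log: input ACCEPT eth0 PROTO=6 198.51.100.5:2200 195.58.178.210:80 L=60 S=0x00 I=812 F=0x4000 T=60 SYN (#12)
Feb 7 02:12:00 www sendmail[411]: starting daemon
EOF
}

deny_demo
```

To run it against the live log, call summarize_denies /var/log/messages; a source that shows up against many different ports is the pattern worth a closer look.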
6.9 News: Brand-New Messages from USENET

One of the most important services provided by the Internet is the transport and delivery of news sorted into different groups. This part of the Internet is often referred to as the Usenet. Only through the existence of this medium was the development of Linux at all possible. And only by means of this highly efficient form of communication was it, and is it, possible to rapidly develop programs and remove their bugs [4]. Moreover USENET is an important support medium for Linux users world wide.

A complete description of the news system with all its thousands of possibilities (such as forwarding news to other machines) is far beyond the scope of this book. Only a basic local system is described here.

Large systems should consider using the package inn, series n. Documentation on INN may be found in /usr/doc/packages/inn. You should prefer INN to other news readers if you are working with UUCP.

There is no installation support for the INN configuration (see Section H.1.2 page 493). But we are very willing to help you within the framework of our pay service, Professional Services (see Section H.3 page 497).

6.9.1 The Leafnode News System

The package leafnode is a perfect news system for smaller networks or standalone machines. It consists of several parts: the NNTP server leafnode, the program fetchnews (previously, fetch) to retrieve news articles, and the program texpire for deleting old articles. As add-ons there are tools to maintain the huge amount of data which can gather in /var/spool/news. Documentation on all the components can be found in /usr/doc/packages/leafnode, as well as in the manpage for leafnode (man 8 leafnode) and manpages.

Please follow the update instructions in Section 15.2.8 page 367.

Requirements for Leafnode

* You need to be capable of connecting to an external NNTP server, either via modem (PPP), ISDN or another network connection (e.g. Ethernet). This server feeds you with news. If in doubt, contact your ISP to get more information on the NNTP server.
* The package leafnode, series n needs to be installed.
* Plenty of free space in /var/spool/news . . .
* Next you will need to follow the steps listed for configuring leafnode.

[3] See [CAR93].
[4] although much of this functionality has meanwhile been overtaken by "mailing lists"

Local NNTP Server

First, make sure that leafnode runs as a local NNTP server.

1. In the file /etc/rc.config set the variable to the value localhost. You could enter your real hostname here (e.g. earth), of course. This is absolutely essential in a network environment. Setting the variable is best done with YaST (see Section 3.6.11 page 101), as YaST automatically launches SuSEconfig.

2. Next you will need to adapt /etc/leafnode/config with an editor. Here you need to enter the name of your ISP's NNTP server (at server =).

3. Make sure that leafnode is launched by inetd. Uncomment the nntp entry in /etc/inetd.conf (see File contents 6.9.1).

4. Restart the inetd. You may use rcinetd restart.

    nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode

File contents 6.9.1: inetd entry for leafnode

Now everything is set up so that you can contact your news server for the very first time. telnet localhost 119 lets you check whether leafnode reacts. If so, typing quit will bring you back to the command line.

Initialize and Maintain the News System

Now you can initialize the system. Start a connection to your ISP (via modem or ISDN). At the first connect fetchnews will get a list of the available news groups from the news server. They are saved to /var/spool/news/interesting.groups. If you want more extensive information, launch fetchnews with the -vvv option:

    earth: # fetchnews -vvv

Articles are not yet available at this point. Anyway you will need to launch an NNTP news reader and view the (still empty) groups (see Section 6.9.1 on the facing page).
leafnode recognizes this and, with the next invocation of fetchnews, the group should be filled with articles.

If you don't want to enter fetchnews manually every time you go online, you could add it to your /etc/ppp/ip-up script.

Maintaining the News System

leafnode has been designed to more or less maintain itself. This means that groups that have not been read for a certain time are no longer collected by fetchnews.

The only thing one really has to do is make sure that old articles are deleted. This is done with texpire. A suitable entry in /etc/crontab has already been entered; just remove the leading `#', as shown in File contents 6.9.2.

    0 22 * * * root test -x /usr/sbin/texpire && /usr/sbin/texpire

File contents 6.9.2: Expire entry for leafnode in /etc/crontab

Explanations on configuration possibilities of /etc/leafnode/config may be found in the manpage for leafnode (man leafnode).

Reading the News

There are several tools for reading news, such as nn, tin or pine. Even Netscape or Emacs may be used. It is basically a personal decision as to which news reader you prefer. Most of the news readers may be set up so they can access a news server as well as the local spool directory. Preconfigured packages may be found in the series n of SuSE Linux.

If you want to use tin to connect to the leafnode NNTP server (see Section 6.9.1 page 179), you should invoke rtin.

6.10 Faxing with Linux

There are two choices if you plan to use your Linux machine for faxing:

* Use mgetty with sendfax.
* Install the HylaFAX fax server. Here you have the SuSEFax frontend, designed in Java.

Since SuSE Linux version 5.0, the package mgetty has been separated into two packages: package mgetty and package sendfax, as some commands of package hylafax and package sendfax are identical.

The next two sections describe how to set up and configure hylafax and SuSEFax on SuSE Linux.
6.10.1 SuSEFax - a HylaFAX Fax Client

As already mentioned, SuSEFax has been designed in Java. This, in particular, means that you need to install the Java Developers Kit along with package susefax. If you want to use SuSEFax on another platform, you should install package susefax and copy everything from /usr/lib/SuSEFax to the destination directory on the other platform.

The Startup Wrapper

SuSEFax is launched via a small script called a "wrapper". It, in turn, sets all the necessary parameters, checks for settings and invokes the Java interpreter. This script is located in /usr/X11/bin/susefax. It is possible to set up the SuSEFax system independently of the wrapper.

System Properties

Table 6.1 lists all the SuSEFax system properties that need to be set up, together with their meanings and default values. If you launch the interpreter without any additional options, these settings are used. There is normally only one parameter that needs to be set. This is susefax.images. If you run the program on an operating system with multiuser capabilities (e.g., Linux), this is not needed. In particular, this means that each user will be assigned a home directory on UNIX systems and Windows NT (but not on OS/2). If this is not possible on your system, you should set the values for susefax.setup.path, susefax.setup.file, as well as susefax.phonebook.file, as SuSEFax might not work otherwise.

    Property                 Default value   Meaning
    susefax.setup.path       $HOME           Directory where the configuration files and the telephone database should reside
    susefax.setup.file       .susefaxrc      Name of the configuration file
    susefax.phonebook.file   .susephone      Name of the telephone number database
    susefax.images           ./images        Directory where all necessary images are stored

Table 6.1: The System Properties of SuSEFax

If you want to change some of these parameters, just remove the comments in front of the variable names (see File contents 6.10.1).
    # if you want to store the settings other than
    # $HOME/.susefaxrc, then you may place another path and/or
    # filename here
    SETUPDIR= # -Dsusefax.setup.path=/where/ever/you/want
    SETUPFILE= # -Dsusefax.setup.file=/what/ever/you/want
    # even the phone book can be renamed to whatever
    PHONEBOOK= # -Dsusefax.phonebook.file=asyoulikeit

File contents 6.10.1: Section of the wrapper script: /usr/X11/bin/susefax

Handling - Instructions for Use

Figure 6.6: Send queue

This is the main application window after the `Send queue' has been activated and `Fetch state' has been invoked. `Fetch state' tells you about jobs that are still queued, that is, faxes that were sent within the last few minutes. If you activate the `Receive queue' button, all faxes that were received within the last few days will be listed. You may set up the automatic display by clicking on `Update information', then enter an interval in the box below and confirm by pressing .

There is a jobs list that tells you what actions are performed on a double click. This depends on which button (`Receive queue' or `Send queue') has been activated. In `Send queue', you may define what should happen if you double-click on the mouse: either you get information on the job, or it is deleted.

In `Extras', you may select the language (English or German).

Setting Up

Before you can get any feedback from the server or launch any processes, you must configure the application. This is done via `Main Settings' in the `Program' menu. All settings will be saved. If you exit the program, all settings will be saved as well.

Figure 6.7: Dialog for global settings

Global Settings

The settings and their meanings:

Username: For the name of the user. This is needed when creating fax covers.

E-mail: All messages from the fax server are sent to this electronic mail address, for example, if a fax has been removed without having been sent.
User account: The fax server can distinguish between different users. You may allow or deny access. This is why you need to enter the account name known to the server. You may even assign a password to specific users.

Hostname of the fax server: This is the name of the host where your fax server runs.

Automatic faxing: If this button is activated, the fax server checks the file named in `Spool file' every couple of seconds. If it has changed, you will get a `Send fax' automatically. This comes in handy if you print to a file from another application. Thus each application is capable of sending faxes, provided it is capable of converting them to PostScript (see Section 6.10.3 page 190).

Spool file: Here, you need to set up the complete path to the spool file if you want to make use of the "automatic fax sending" feature. Clicking on `Search' offers a file browser where you may set up this file.

Fax cover: For automatic generation of a fax cover, a special PostScript file is needed. You need to enter the complete path here.

Time zone: This should be the same as what you set up on the fax host.

Country: Date and time settings are dependent on this entry, for example, for your fax cover.

Job Settings

Figure 6.8: Dialog for job parameters

After the global settings have been made, you are ready to send your first fax. A fax, or a file, is converted to a "job" which waits to be sent (perhaps along with some other jobs). Each job has some job parameters. These may be set prior to or after the job has been queued. Prior to sending the job, this may be done in `Job settings', accessible via `Extras'. This is a short overview:

Notification Scheme: Here you can set when the fax server should send a notification to a user whose electronic mail address was previously specified. Four different schemes are available:
* Never (only errors): If an error occurs, a message is sent to the user that the sending of a job failed.
* After sending: The user is informed after successfully sending each fax.
* After a Re-queue: The user is sent a message if a fax fails, for example, because the remote machine is busy.
* After Re-queue and Sending: This is a combination of the last two schemes.

In general, the first scheme applies, even if you select another scheme.

Resolution: Here you can enter the resolution of the fax to be sent. It is given in lines per inch (lpi).

Priority: Priority of a job in the queue. The default value is set to 127. This is updated if a job fails (due, for example, to a busy line).

Maximum tries to send: Here you can determine how many times the server should try to send a fax once a connection has been established.

Maximum tries to dial: Here you can specify how many times the server should try to connect to a remote machine (for example, if the line is busy).

Paper format: There are currently three supported formats: A4, A3 and Letter. This depends on the format of the PostScript document to be sent.

If you have activated `Modify job parameters' in the main window, a dialog window will appear when you double click. Here you may set the same parameters as above: `Notification scheme', `Maximum tries to send' as well as `Maximum tries to dial'.

External Viewer

If the job list shows any received faxes, you may view the faxes using an external viewer. The fax itself uses the tiffg3 format. Your viewer should thus be capable of displaying this format. The format enables you to combine multiple images within one file.

There is a small script that comes with SuSEFax that creates a PostScript file. It uses fax2ps from TIFFSoftware by Sam Leffler [Lef96b] (package tiff). This is handed to a PostScript viewer. The tool then looks for gv by Johannes Plass (package gv). If this is not found, it uses GhostView by Timothy O. Theisen (package gs x11). This tool is called docview and may be found in /usr/lib/SuSEFax.
These are the options for the external viewer.

Path to temporary files: Here, SuSEFax stores the tiffg3 from the server and replaces the $F with the image's complete pathname. If a user wants to run SuSEFax he needs to have read and write permissions in this directory!

Invoking the viewer: Here, you need to enter the full pathname to the program that should display the file. It has to accept the file's name as a parameter.

Sending a Fax

After configuring SuSEFax and HylaFAX, you should make sure that you are able to fetch the status settings of the fax server (see page 182). Otherwise you will not be able to send a fax; check the configuration of SuSEFax and HylaFAX for errors.

If everything was set up correctly, you should see a dialog when clicking on `Fax send'. The following items can be selected:

Telephone number of the remote host: The telephone number of the remote machine. You may select an item from the telephone book if you click on `From telephone book' (you will need to enter the numbers first, of course).

Document to be sent: Here the full pathname to the document you'd like to send must be given. If you select `Search', you may select a file in the browser.

Use fax cover: This may only be activated if you have set up a fax cover file in the global settings. A fax cover will then be generated and sent.

Do not send immediately: If this is activated, a dialog window pops up where you can enter the time for the fax to be sent. If you leave this dialog by clicking `Cancel', the fax will be sent immediately, just as if you had clicked on `Send fax'. For time and date settings:
* When you have made a selection, confirm this by pressing . Now the program checks whether this is a valid date. If not, it is converted to a valid date.

Name of sender: Here, the name that has been set in global settings is used.
Name of recipient:

Regarding:

To company:

Comment:

Selecting `Poll fax' assumes that you have set up a telephone number for the fax polling server. You will need to supply the name of the file to be sent.

Importance of the Job List

As mentioned above, you may switch between the contents of the send queue and the contents of the receive queue. This is a short summary of the process:

Reception Queue

Figure 6.9: Example of a reception queue

From left to right: the permissions, the size (in bytes), number of pages, the TSI and the name of the fax received. The TSI (Transmission Subscriber Identification) is an identification string the user has set up on his machine. This does not have to be a telephone number. It could, however, be a company name.

Incoming faxes may only be viewed by double-clicking on them if the fax server has been set up for all users to read them. In order for this to work, you need to set RecvFileMode: to the value 0644 in /var/spool/fax/etc/config.device (see Section 6.10.4 page 192).

Send Queue

Figure 6.10: Example of a send queue

From left to right: the job ID, the priority of the job, the user account, the target telephone number, the time and/or number of tries and the maximum number of rings. If an error occurs, you will see the corresponding error message.

The job ID is assigned automatically by the fax server. You may set a priority as a user, but the server may adjust this setting. The user account tells you which user has launched the job. The user is the only one who can delete the job or change its parameters.

The Telephone Book

Figure 6.11: The telephone book

The telephone book (see Figure 6.11) is for administering and maintaining your personal phone numbers. You may list and sort them according to name, surname, fax number and company. Double clicking an entry will launch the editor. You may now select another item and its entries will be presented.
`Accept entry' adds the item to your list providing you filled out the following entries: `Surname', `Name' and `Telephone number'.

If you have activated the `View entry' mode, double clicking on `Send fax' will invoke the `Send fax dialogue', using the entries `Surname', `Name', `Telephone number', `Company' and `Comment' as defaults for the cover page (see page 186). The cover will only be sent if you have activated the item `Use fax cover'.

If you have launched a process that disables the selection bar (e.g., by `Sort'), you may reactivate it afterwards by selecting an entry. A new entry is added as soon as you click `Add'. `Remove' deletes the currently selected entry. The list is only sorted if you explicitly activate the `Sort' button.

The buttons `Save changes' and `Save & Exit' both make your phone book changes permanent. To cancel your changes, press the `Cancel' button.

The telephone book may be used as a standalone application. For this the wrapper susephone is available. Just enter susephone in a shell. No faxes can now be sent, however.

It is not advisable to start the telephone book program twice with the same user account. If you do it by mistake, make sure you don't save in both programs.

The Faxed Form Letter

The form fax dialog enables you to generate a serial fax list from the telephone list. To add or remove an item, it must be highlighted first. You may select either with the mouse or with one of the toggle buttons. If `Toggle' is activated, all selected entries will be marked as disabled, and vice-versa. The same applies to the list. `Send faxes' causes all faxes in the list to be sent.

You cannot create a fax cover for serial faxes.

6.10.2 Automatic Generation of the Fax Cover

As mentioned above, you will need a PostScript template to automatically generate fax covers.
This, in itself, is not a PostScript file, but a template that includes certain place-markers that are inserted automatically during the creation of the cover. Creation of a template may be time-consuming. If you are familiar with LaTeX, you may use the package latex-cover (footnote 5). This contains an easy-to-use TeX style for creating covers with TeX. The cover used for this package and for the package hylafax has been created with this versatile tool. If you don't want to use this, you will have to create a "normal" PostScript file and insert the entries by hand.

Footnote 5: It is installed in /usr/doc/packages/hylafax with package hylafax.

Which Keywords Does SuSEFax Know?

If you want to modify the TeX document, be aware that SuSEFax can only replace the following macros:

    \toperson
    \from
    \regarding
    \tocompany
    \todaysdate
    \comments

If you want to test the template you have made, you may use the faxcover tool which is included in package hylafax. This will create a PostScript file from the template. You can then print or view it. You could also use the Java binary FaxCovergen.class from the package susefax. Just enter the following:

    newbie@earth:/home/newbie > java -classpath /usr/lib/java/lib/classes.zip:/usr/lib SuSEFax.FaxCovergen

You should now see:

    Command: FaxCovergen sourcecover.ps docname.ps targetcover.ps

The source cover is your template. docname.ps is the document that will be sent. It will be saved in targetcover.ps. Now you may view either of them.

6.10.3 Fax Spooling on UNIX/Linux

The spooling mechanism of SuSEFax was originally designed for use with Windows. You may use it on Linux as well. For this to work, you will need to install the package faxprint, series n (network support).

If you convert /etc/passwd to a PostScript file by entering the command a2ps -nP /etc/passwd | lpr -Pfax, there should be a file in /tmp called fax accountname.ps. accountname is just your login.
If this file exists, you may enter it as a spool file, as described in Section 6.10.1 page 184, and activate the `Automatic fax' button.

The spooling mechanism only works if SuSEFax is running. If this is the case, it regularly checks the time stamp Lastmodified of the spool file and opens it if it has been changed.

6.10.4 HylaFAX - Distributed Faxes

Function

Installation and configuration of HylaFAX is not covered by our installation support (see Section H.1.2 page 493).

How the fax server works:

Figure 6.12 on the facing page illustrates how the fax server interacts with the client. As you can see, there are three different ways to communicate with the server. The protocol that is used on port 4557 is still used, for reasons of compatibility with older versions of HylaFAX. WinFlex by Peter Bentley, for example, runs on Windows and still uses this protocol. New clients should use the new protocol on port 4559. This protocol is based on the File Transfer Protocol, RFC959. The third available protocol is SNPP (Simple Network Paging Protocol, RFC1861).

[Figure 6.12: How HylaFAX servers function. The diagram shows the fax modem, the HylaFAX fax server and the clients, connected over TCP/IP by the three net protocols: 4557 old protocol (compatibility), 4559 new protocol (similar to the FTP protocol), and SNPP (Simple Network Pager Protocol).]

The server itself consists of three different daemons. Each of them is responsible for a specific task:

hfaxd: This is the protocol server. It is responsible for the communication between the client and the server. It may be launched standalone, e.g., via the init process or via inetd. It shares a "FIFO file" with the faxq process itself.

faxq: This is the so called "Queueing Agent". It is responsible for maintaining incoming and outgoing faxes, as well as the job queue. This process runs all the time. You must ensure that only one of these is running.

faxgetty: This tool is responsible for communication between the server and the modem.
As an alternative to faxgetty, you may use the faxmodem tool if you want to send, but not receive, faxes. Alternatively, you might control it by means of a FIFO file (footnote 6).

Footnote 6: FIFO = First In First Out.

Directory Structure

The server runs in change root mode (see man chroot). By default, the Server-Root directory is /var/spool/fax. All processes and the Server-Root directory itself belong to `uucp'. A list of all directories that may be found in Server-Root is given in Table 6.2, together with a short description.

    archive   Jobs are archived here if job archival support is activated.
    bin       All the scripts used by: faxq, faxsend, pagesend and faxgetty.
    client    For the FIFO files that communicate with faxq.
    config    Configuration, permissions and user accounts.
    dev       Since the whole system runs in chroot, here you will find all the character devices needed (null, socksys and tcp).
    docq      This, as well as tmp, is used for pre-checking jobs.
    doneq     Jobs that were done, but neither archived nor deleted.
    etc       See manpage for config (man config).
    info      This is for general information on hosts that are already known to HylaFAX.
    log       Here, you will find the logs of both sender and receiver.
    pollq     This is for documents obtained by polling the server.
    recvq     Incoming faxes.
    sendq     Outgoing faxes.
    status    Status information on the server itself.
    tmp       See manpage for docq (man docq).

Table 6.2: The HylaFAX Server-Root directories and their function

In addition, there are various FIFO files: the file /var/spool/fax/FIFO itself as well as one /var/spool/fax/FIFO.devname per modem, which is maintained by faxgetty. devname stands for the device to which the modem is connected.

Configuration

The configuration itself is split across 2 to 2+n configuration files. Here, `n' stands for the number of modems used. In /var/spool/fax/etc, you will find the files config and config.device. The latter configures the modem attached to device.
So if there is a modem connected to /dev/ttyS0, the name would be config.ttyS0.

General settings are entered in config. These are needed by the scheduler process faxq itself. Modem-specific setup settings may be found in config.device. Settings for the queueing service may be found in config. The files for the protocol server are in /usr/lib/fax/hfaxd.conf. These configuration files are created automatically if you invoke faxsetup after installation.

Example Configuration

Here, you see an example session with faxsetup. We will use the data mentioned in Table 6.3. Below, the user entries are the values that follow the question mark; where nothing follows, the default shown in brackets was accepted.

    Telephone number   (0)49(0)911-123456
    Modem              Fax-Class 2.0

Table 6.3: HylaFAX configuration example data

Configuration of the Scheduler

* Should an entry be added to /etc/inetd.conf [no]?
* Country code [1]? 49
* Area code []? 911
* Long distance dialing prefix [1]? 0
* International dialing prefix [011]? 00
* Dial string rules file (relative to /var/spool/fax) ["etc/dialrules"]?
* Tracing during normal server operation [1]? 527
* Default tracing during send and receive sessions [0xffffffff]? 527
* Continuation cover page (relative to /var/spool/fax) []? etc/cover.templ
* Timeout when converting PostScript documents (secs) [180]?
* Maximum number of concurrent jobs to a destination [1]?
* Define a class of modems []? "any"
* Time of day restrictions for outbound jobs ["Any"]?
* Pathname of destination controls file (relative to /var/spool/fax) []?
* Timeout before purging a stale UUCP lock file (secs) [30]?
* Max number of pages to permit in an outbound job [0xffffffff]? 30
* Syslog facility name for ServerTracing messages [daemon]?

After the data has been entered, you will be presented with a summary of what you have just entered, as shown in Output 6.10.1 on the next page.
    The non-default scheduler parameters are:

    CountryCode:         49
    AreaCode:            911
    LongDistancePrefix:  0
    InternationalPrefix: 00
    ServerTracing:       527
    ContCoverPage:       etc/cover.templ
    MaxSendPages:        30
    ModemClass:          "any"
    SessionTracing:      527

Screen output 6.10.1: Summary of HylaFAX scheduler configuration example

Configuration of the Server

After the scheduler has been configured, faxsetup asks whether you want to set up your modem using faxaddmodem. You should answer yes to this. Now, the serial line has to be entered without the full pathname: just modem if it is /dev/modem.

* Country code [49]?
* Area code [911]?
* Phone number of fax modem [+1.999.555.1212]? +49.911.3206728
* Local identification string (for TSI/CIG) ["NothingSetup"]? "SuSE GmbH"
* Long distance dialing prefix [0]?
* International dialing prefix [00]?
* Dial string rules file (relative to /var/spool/fax) ["etc/dialrules"]?
* Tracing during normal server operation [1]? 527
* Tracing during send and receive sessions [11]? 527
* Protection mode for received facsimile [0600]? 0644
* Protection mode for session logs [0600]?
* Protection mode for modem [0600]? 0666
* Rings to wait before answering [1]?
* Modem speaker volume [off]?
* Command line arguments to getty program ["-h %l dx_%s"]? "-r -b -s %s %l"
* Pathname of TSI access control list file (relative to /var/spool/fax) [""]?
* Pathname of Caller-ID access control list file (relative to /var/spool/fax) [""]?
* Tag line font file (relative to /var/spool/fax) [etc/lutRS18.pcf]?
* Tag line format string ["From %%l|%c|Page %%p of %%t"]?
* Time before purging a stale UUCP lock file (secs) [30]?
* Hold UUCP lockfile during inbound data calls [Yes]?
* Hold UUCP lockfile during inbound voice calls [Yes]?
* Percent good lines to accept during copy quality checking [95]?
* Max consecutive bad lines to accept during copy quality checking [5]?
* Max number of pages to accept in a received facsimile [25]?
* Syslog facility name for ServerTracing messages [daemon]?
* Set UID to 0 to manipulate CLOCAL [""]?

The summary given in Output 6.10.2 is created according to the settings entered above.

    The non-default server configuration parameters are:

    CountryCode:         49
    AreaCode:            911
    FAXNumber:           +49.911.3206728
    LongDistancePrefix:  0
    InternationalPrefix: 00
    DialStringRules:     "etc/dialrules"
    ServerTracing:       527
    SessionTracing:      527
    RecvFileMode:        0644
    DeviceMode:          0666
    RingsBeforeAnswer:   1
    SpeakerVolume:       off
    GettyArgs:           "-r -b -s %s %l"
    LocalIdentifier:     "SuSE GmbH"
    TagLineFont:         etc/lutRS18.pcf
    TagLineFormat:       "From %%l|%c|Page %%p of %%t"
    MaxRecvPages:        25

Screen output 6.10.2: An example of HylaFAX server configuration

This completes the configuration of the scheduler and server. Now you can choose whether you want to start faxmodem for each of the configured modems. faxmodem is a send-only alternative to faxgetty. You may choose either solution.

Adaptive Answer Support

A handy feature of the fax server (faxgetty) is the so-called "Adaptive Answer Support", which enables the server to launch any getty depending on the type of incoming call. This could also be a data call. For this to work, make sure the entry in File contents 6.10.2 is configured (see Section 6.10.4 page 192).

    GettyArgs: "-r -b -s %s %l"

File contents 6.10.2: Entry for Adaptive Answer Support

Here, %s is a substitute for the DTE/DCE rate between machine and modem. This is set to 38400 bps (bits per second) by default. Some modems manufactured by USRobotics cannot support this rate (see [Lef96a]) and generate transceiving errors. This may be avoided by decreasing the baud rate () to 19200 in the appropriate modem configuration file.

The default getty is mgetty (package mgetty, series n (network support)). For this to work, you need to modify the mgetty configuration file (/etc/mgetty+sendfax/mgetty.config) using the entries given in File contents 6.10.3.
    port modem
    direct y
    toggle-dtr n

File contents 6.10.3: Entry in mgetty configuration file

The keyword modem (footnote 7) is your modem's device name. Make sure that faxgetty as well as mgetty use the same device.

Fax Dispatching

Fax dispatching is the redirection of incoming faxes to a given electronic mail address. You will need to create the file etc/FaxDispatch in the Server-Root directory. File contents 6.10.4 shows an example configuration:

    case "$SENDER" in
        *0815*) SENDTO=newbie;;
        *)      SENDTO=FaxMaster;;
    esac

File contents 6.10.4: An example of etc/FaxDispatch

Incoming faxes are identified by their TSI. In our example, every fax with 0815 in its TSI will be automatically forwarded to the user `newbie' via electronic mail (as a PostScript attachment) (footnote 8). Furthermore, each incoming fax is redirected to `FaxMaster'.

If you have any problems configuring HylaFAX, please look at our Support DataBase, package susehilf, series doc (Documentation). Enter the keyword "fax" and you will find lots of useful information.

Footnote 7: If it is /dev/modem, then it refers to a link to /dev/ttySx.
Footnote 8: You may change the file format by modifying bin/faxrcvd.
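The answers 0644 for received facsimile and 0666 for the modem in the example faxaddmodem session make received faxes readable, and the modem device writable, by every local account. The script below is an added example, not part of the original manual or of HylaFAX: it reads a config.device file and reports how far each protection mode goes beyond the 0600 default shown in the prompts. The sample file is constructed from Screen output 6.10.2, the function names are hypothetical, and LogFileMode is the HylaFAX parameter behind the session-log prompt, which the page shows only as a question.

```shell
#!/bin/sh
# Added example: audit the protection-mode parameters of a HylaFAX
# per-modem configuration file (config.<device>).

# Classify a 3- or 4-digit octal mode by the widest audience it admits.
mode_verdict() {
    case $1 in
        [0-7][0-7][0-7]|[0-7][0-7][0-7][0-7]) ;;
        *) echo invalid; return 0 ;;
    esac
    n=$((0$1))                          # a leading 0 makes the shell read octal
    if   [ $((n & 0002)) -ne 0 ]; then echo world-writable
    elif [ $((n & 0007)) -ne 0 ]; then echo world-accessible
    elif [ $((n & 0070)) -ne 0 ]; then echo group-accessible
    else echo owner-only
    fi
}

# Print "<Parameter> <mode> <verdict>" for each mode parameter in file $1.
# A parameter missing from the file is reported with 0600, the default
# offered in brackets by the faxaddmodem prompts.
audit_hylafax_modes() {
    seen=" "
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                # strip comments
        case $line in *:*) ;; *) continue ;; esac
        key=$(printf '%s' "${line%%:*}" | tr -d ' \t')
        val=$(printf '%s' "${line#*:}"  | tr -d ' \t"')
        case $key in
            RecvFileMode|LogFileMode|DeviceMode)
                seen="$seen$key "
                printf '%s %s %s\n' "$key" "$val" "$(mode_verdict "$val")" ;;
        esac
    done < "$1"
    for key in RecvFileMode LogFileMode DeviceMode; do
        case $seen in
            *" $key "*) ;;
            *) printf '%s 0600 owner-only (default)\n' "$key" ;;
        esac
    done
}

# Constructed sample, using values from Screen output 6.10.2.
write_sample_config() {
    cat > "$1" <<'EOF'
# config.modem (constructed sample)
CountryCode:        49
AreaCode:           911
RecvFileMode:       0644    # received faxes
DeviceMode:         0666
GettyArgs:          "-r -b -s %s %l"
LocalIdentifier:    "SuSE GmbH"
EOF
}

# Stand-alone run: audit the file given as first argument, else the sample.
main() {
    if [ $# -gt 0 ]; then
        audit_hylafax_modes "$1"
    else
        tmp=$(mktemp) && write_sample_config "$tmp"
        audit_hylafax_modes "$tmp"
        rm -f "$tmp"
    fi
}
main "$@"
```

To check a real installation, pass the per-modem file as the argument, for example /var/spool/fax/etc/config.ttyS0.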