home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Chip 2000 May
/
Chip_2000-05_cd2.bin
/
docu
/
ascii
/
suselxen
/
slxen-06.txt
< prev
next >
Wrap
Text File
|
2000-03-11
|
119KB
|
2,790 lines
Chapter 6
Connecting to the World-and
Then What?
In this chapter we show how to establish connections to remote networks:
Wide Area Networks (or WANs) and the Internet. We also explain how to set
up services that use these connections.
There are two communications protocol standards known in the UNIX world,
UUCP and TCP/IP (via modem or ISDN). While UUCP (Unix to Unix Copy)
is mainly designed for transporting mail and news, TCP/IP provides a real
network connection which supplies all services to a LAN.
If TCP/IP is used with a modem connection, nowadays PPP (Point to Point
Protocol) is generally used. 1 For ISDN connections, rawip and snycPPP
are normally used (see Section 6.2.5 page 157).
In the next section we outline how to make a basic modem connection and use
a terminal program to access a WAN. After that we go into some detail about
configuring PPP, inlcuding a PPP server. Then the basics of e-mail, setting up
a news system and fax capabilities are discussed.
6.1 PPP
PPP (Point-to-Point protocol) enables you to establish a TCP/IP connection
via a serial line. Client and server may communicate while establishing their
connection and set up their needed parameters accordingly. The server may
configure an IP address as well as a name to the client.
Furthermore, PPP is a standard protocol (which SLIP isn't) and is normally
the only protocol offered by ISP's.
The PPP daemon, pppd, which is used for communicating with various de-
vices, plays a vital and central role in PPP connections. This daemon may
serve either as server or client. To actually establish the connection, the pro-
gram wvdial or chat is needed.
6.1.1 Requirements for Using PPP
The following items are needed to use PPP in SuSE Linux:
1 SLIP (Serial Line Internet Protocol) is going more and more out of fashion.
149
6. Connecting to the World-and Then What?
* The kernel needs to have support for TCP/IP and PPP included. This is
the case with the standard kernel and the modules belonging to it - you
don not need to compile a new kernel.
* The networking packages need to be installed. The packages that are
required are package nkita and package nkitb, series a.
* The PPP base package, package ppp, series n, which includes pppd and
chat script.
* The package wvdial, series n to establish and close down the connec-
tion.
* If ISDN is to be configured, refer also to Section 6.2.3 page 153.
* You need to know your login and password for the PPP server.
6.1.2 Further Information on PPP
PPP offers far more options and capabilities than we could list here. It would
be beyond the scope of this book to even mention them all. If you need more
capabilities or options, refer to the corresponding manuals and manpages:
NET-3-HOWTO.gz and PPP-HOWTO.gz in /usr/doc/howto as well
as the documentation in /usr/doc/packages/ppp.
More detailed information on PPP and its protocols may be found in the
corresponding RFC's:
* RFC1144: Jacobson, V. "Compressing TCP/IP headers for low-speed
serial links." 1990 February;
* RFC1321: Rivest, R. "The MD5 Message-Digest Algorithm." 1992
April;
* RFC1332: McGregor, G. "PPP Internet Protocol Control Protocol
(IPCP)." 1992 May;
* RFC1334: Lloyd, B. Simpson, W.A. PPP authentication protocols."' 1992
October;
* RFC1548: Simpson, W.A. "The Point-to-Point Protocol (PPP)." 1993
December;
* RFC1549: Simpson, W.A. "PPP in HDLC Framing." 1993 December.
6.2 ISDN Configuration
In addition to its "normal" network capabilities, Linux can connect to your
ISP via ISDN. Most of this may be set up in YaST, making ISDN configura-
tion with SuSE Linux straightforward and easy.
This section refers mainly to a standard connection to your ISP via ISDN. Of
course, there is lots more that can be done by isdn4linux.
Keep in mind that some of the procedures mentioned below may be "illegal".
Every active card and its firmware are certified. Passive ISDN controllers are
certified if run with the software of the manufacturer. For those who need a
certification, please use either an active ISDN card or connect the controller
to your PBX.
ISDN has one great difference to a modem connection-once the network
has been set up and configured, no additional commands are required. This
150
6.2. ISDN Configuration
is called "on demand". As soon as you launch a telnet session, for example,
the connection will be established. This normally takes about three seconds.
Thus, it is possible to let "normal" users establish a connection. You may set
the idle time. This is the period of time after which the connection will be
cancelled automatically, if all the processes that use the connection are idle.
While configuring your ISDN system, it is recommended that you keep an eye
on messages in /var/log/messages. Just start another xterm or login on
another console and enter:
earth: # less +F /var/log/messages
The option +F causes the screen to display each new line "online", as it is
written; you can leave this mode with Ctrl + c
.
Another option is to view the ISDN traffic graphically, with the program
xisdnload. Now, you will see each line as it is added to /var/log/
messages.
6.2.1 Setting up ISDN - Step by Step
The following section provides a step by step guide to connecting to the
Internet. Try this first. If it doesn't work, or if you need more detailed
information, then read through the subsequent sections of this chapter.
1. As user `root', start the program YaST ¡ if you are in KDE: press Alt
+ F2
, then enter xterm. Start YaST in the new window.
2. Go to `System administration', `Integrate hardware
into system' and then to `Configure ISDN hardware'.
3. Complete the mask. If you are not sure what to enter, documentation can
be found in /usr/doc/packages/i4l and in the following sections
of the handbook.
4. Then select `Start' in the window.
5. If this was successful (a positive message appears on the screen), then
choose ISDN-Parameter.
6. Complete this mask as well.
7. Then select `Start' in the window.
8. If this works (another positive message appears), then select Save.
9. Go to the `Network configuration' menu, `Network base
configuration'.
10. Create a new device (with F5
) - ISDN SyncPPP. Press `RETURN',
to reach the menu `Enter network addresses'.
11. Leave these settings as they are ¡ the IP address of your local ma-
chine 192.168.0.99, the address of the Point-To-Point partner is
192.168.0.1 ¡ and only change the Default-Gateway to the same
address as Address of the Point-To-Point partner (192.168.0.1).
12. Finish this by selecting `Continue'.
13. In the mask `Selection of network' you must activate the card
with F4
.
14. Save with F10
.
151
6. Connecting to the World-and Then What?
15. Go to `Nameserver configuration', answer the question with
`Yes'.
16. Enter the IP address of the nameserver (DNS) of your provider. If you do
not know this, ask your provider. Usually this can be found on the web
page of the provider.
17. End YaST. Enter init 1 in the terminal window. If KDE (and X) are
running, they will be stopped.
18. Re-start the network with init 2 if you normally start X with startx.
If you login using X Windows, however, then start with init 3.
19. If you start Netscape, for example, you can now surf on the Internet. If
you also start xisdnload, you can monitor your connection status.
20. Some providers require you to specify the proxy server for your provider
in Netscape:
In Netscape, go to `Edit', `Preferences', `Advanced',
`Proxies', `Manual Proxy Configuration' and then `View'.
Now your ISDN access should be running and your connection to the In-
ternet should be running automatically as soon as you enter an Internet ad-
dress in Netscape, for example, and the connection will be closed if no data
traffic occurs for more than 60 seconds. You can monitor this traffic with
xisdnload!
If it doesn't work, please continue reading below!
6.2.2 Overview
SuSE Linux includes the package isdn4linux, which includes hardware
drivers and network interfaces as well as modem emulation (digital modems
only). It even includes software which provides the function of an answering
machine.
The ISDN hardware driver is launched by /sbin/init.d/i4l_hardware
(see Chapter 17 page 395). Configuration of the ISDN part is done via
isdnctrl (see manpage for isdnctrl (man isdnctrl)). The net-
work interfaces are configured just like standard Ethernet interfaces by
means of ifconfig (manpage for ifconfig (man ifconfig))
and route (manpage for route (man route)). On SuSE Linux,
/sbin/init.d/i4l performs this task (see Chapter 17 page 395).
All actions taken are based upon entries in /etc/rc.config. These entry
names resemble, where possible, the options of isdnctrl.
/sbin/init.d/route sets up the routing of the devices given in /etc/
route.conf.
Establishing a connection is done by isdnctrl followed by /sbin/init.
d/i4l, using settings from /etc/rc.config. You can see a list of these
parameters by entering:
earth: # isdnctrl list all
As soon as somebody requests an ISDN service (this may be either a user or
an application), the connection is established.
152
6.2. ISDN Configuration
6.2.3 Configuring ISDN Hardware
Requirements
To make a successful connection from SuSE Linux, you will need:
1. an ISDN connection
2. a supported ISDN controller
3. SuSE Linux installed
4. one of the SuSE Linux standard kernels (on CD)
You don't need to compile a kernel! If you want to compile a kernel
anyway, make sure you use the sources from package lx suse, series
d!
5. the package kernmod, series a
6. the package i4l, series n
7. the documentation found in package i4ldoc, series doc (recom-
mended)
What you need to know:
* the type of your ISDN controller
* the controller settings-IRQ, port address, etc. (depends on the type)
* the ISDN protocol you use:
¡ 1TR6: (old) national ISDN
¡ DSS1: Euro-ISDN
Some of the PBX's (contrary to the documentation) still use 1TR6 instead
of DSS1.
What is an MSN/EAZ?
With Euro-ISDN, you get a MSN (Multiple Subscriber Number), which nor-
mally is your telephone number without the prefix. If you just subscribed to
ISDN, you will receive three different numbers. Any of them may be used
for your ISDN connection, even if you use the same number as a telephone
number, as they can be distinguished by their service indicator.
Normally, the ISDN controller is directly attached to an NTBA, but it is a
good idea to connect another S0 bus to the PBX. If you use Euro-ISDN on
your PBX, the MSN is normally the extension (direct call number).
For 1TR6, you have an EAZ (German: "Endgeraete Auswahl Ziffer" = end
user selection number). Otherwise, they are treated the same. The EAZ is a
single number. Just select one in the range of 1 to 7. Don't forget the 0!
153
6. Connecting to the World-and Then What?
6.2.4 Configuring ISDN Hardware with YaST
The driver itself is provided by a loadable kernel module. You don't need to
reboot your system. Standard ISDN controllers are supported by the HiSax
driver.
Some controllers, such as ICN and AVM-B1, as well as P'n'P cards, may not
yet be configurable with YaST. They require special treatment. Please look
at the settings for ISDN controllers later in this section.
Here are the individual steps:
1. Log in as user `root'.
2. Launch YaST.
3. Now select `System administration', `Integrate hard-
ware into system' and `Configure ISDN hardware'. The
menu structure is shown in Figure 6.1.
Figure 6.1: Menu structure for ISDN configuration in YaST
4. Next, enter the following parameters:
* Start I4L
ISDN is only launched at boot if this field is active. Thus you can
control with this whether an ISDN connection should automatically be
started at boot up.
* ISDN protocol
Here, you may choose either the old (national) German ISDN (1TR6)
or the default Euro-ISDN (EDSS1). Keep in mind that connections via
a PBX often still use 1TR6.
* ISDN controller type
Select the supported ISDN controller. Please look at /usr/doc/
packages/i4l/README.SuSE concerning P'n'P controllers.
154
6.2. ISDN Configuration
* Controller ID
You should leave this untouched to Tel0.
* Interrupt
Memory base address
IO port
ISAC
HSCX
Depending on the card in use, some additional settings may be re-
quired. Only the parameters available for the device are enabled. The
others are disabled.
* ISDN options
This should be left empty!
Pressing F1 will give you additional help. The configuration dialog is
shown in figure 6.2.
Figure 6.2: Menu for ISDN configuration with YaST
5. Now, confirm by pressing `Start'.
This is a test: the module will be loaded and a message in the window
will tell you whether the card has been set up correctly.
If OK: Confirm by pressing `Save'.
Your settings will now be written to /etc/rc.config. They will
remain current until you change them. After being tested, the driver
remains loaded.
If it fails: Check and change the parameters.
Don't forget to look at /var/log/messages. (You did remember
to open it, didn't you?).
Possible problems may be:
155
6. Connecting to the World-and Then What?
* On some boards the IRQs 12 or 15 cannot be used.
* The given address or IRQ is already in use. Remove (for testing
purposes) all controllers that are not immediately needed for testing
(e. g., sound and network cards).
* The module has already been loaded. To remove it, change to an-
other console and enter:
earth: # rmmod hisax
* The card you use is a P'n'P device. See /usr/doc/packages/
i4l/README.SuSE for more information.
* Your card is not supported by HiSax (e. g., ICN, AVM-B1). See
/usr/doc/packages/i4l/README.SuSE.
6. Exit YaST.
7. Configure isdnlog.
You should configure isdnlog before launching the modules. Its task is
to supervise all activities on the S0 bus system.
You must now adapt the following files to your requirements:
* /etc/isdn/isdn.conf:
The first parameter is to set the country where you will use your
isdn4linux. If this is Germany, you should set it as specified in
File contents 6.2.1.
# /etc/isdn/isdn.conf
[GLOBAL]
COUNTRYPREFIX = +
COUNTRYCODE = 49
AREAPREFIX = 0
File contents 6.2.1: /etc/isdn/isdn.conf
Here (in the GLOBAL section), you also need to enter your area
code AREACODE (the dialing prefix) without the leading zero. So
if your area code is, for example, 0911 you will need to enter:
AREACODE = 911.
In Germany, this is the only part that needs to be adapted. CHARGEMAX
= 20.00 lets you set the maximum amount of charges (in Deutsch
Marks) that you will accept per day. Please do not rely on this feature!
* /etc/isdn/callerid.conf:
Here, you may enter every known telephone number. You will see
their names instead of their MSNs in /var/log/messages when
you launch isdnrep.
See our example in File contents 6.2.2 on the next page. Your number
is 4711. The number of your ISP is 4712.
* /etc/isdn/isdnlog.isdnctrl0.options:
Here, you may enter options for isdnlog. This is normally not
necessary.
156
6.2. ISDN Configuration
# /etc/isdn/callerid.conf
[MSN]
NUMBER = 4711
SI = 1
ALIAS = myself
ZONE = 1
[MSN]
NUMBER = 4712
SI = 1
ALIAS = ISP
ZONE = 1
File contents 6.2.2: /etc/isdn/callerid.conf
8. Now enter the commands:
earth: # init 1
earth: # init 2
thus restarting all network services. You could also activate ISDN with
YaST or just reboot, if you prefer.
6.2.5 Setting up an ISDN Internet Connection
ISDN-Configuration for Your Internet Provider
Selecting a Protocol
This ISDN host offers three different modes:
* terminal login using X.75
* rawip-HDLC
* syncPPP
Of course, you may test any of these protocols, but it is recommended that
you test the protocol offered by your ISP.
Requirements
* The ISDN hardware configuration functions.
* The ISDN driver has been loaded.
* You have your MSN/EAZ at hand.
* You know which protocol your ISP uses (syncPPP, rawip).
* You have the phone number of the ISP.
* You have your user name and password available.
* You know the Domain Name Server (DNS) of your provider.
These are the steps:
157
6. Connecting to the World-and Then What?
Figure 6.3: Network configuration with YaST
1. Start YaST and change to `System administration', `Net-
work configuration', `Network base configuration'.
See Figure 6.3 for a screen shot.
2. Choose a number not already in use, e. g., 4.
3. Now select the device `ISDN SyncPPP' by pressing F5
.
4. Press F6 (`IP address') and enter:
* IP address of your host: 192.168.0.99
* IP address of the Point-to-Point partner: 192.168.0.1
5. Leave this window by pressing `Continue'.
6. Pressing F4 activates the network device if you haven't done so already.
7. F8 (`ISDN') lets you enter some ISDN-specific options. This is shown
in Figure 6.4 on the next page.
Now enter the following:
* Your own telephone number (MSN): e.g. 123456
* Number to be called: 012345678
You may need to dial a leading "0" for some PBXs.
* Numbers that are allowed to call:
Only needed for dial-in servers (and we are currently dialing out).
* Only given numbers are allowed:
Set this to make sure nobody starts an unwanted connection to your
machine!
* Dialling Mode:
With auto connections are made automatically if you try and access
addresses which are normally only available via the ISDN interface.
158
6.2. ISDN Configuration
Figure 6.4: Setting ISDN network parameters with YaST
If manual is set it is necessary to make the connection by hand,
when required. With the off setting it is not possible to establish
connections via this ISDN interface.
* Idle time:
After a period of no use (idle time), the connection will be closed.
* Name of PPP login:
Enter the user name for your provider.
* Password of PPP login: Enter the password for your provider.
The password cannot be seen here, but is represented by asterisks. It
is stored in the file /etc/ppp/pap-secrets.
Press F1 to get additional help.
8. Confirm `Start'.
Now a network test is launched. You will get an error message if anything
goes wrong. There should not be any problems so far.
If OK: Please confirm with `Save'.
Now, your settings will be written to /etc/rc.config, and they
will remain active until you change them. The settings remain active
during and after the test.
If it fails: For some reason, the ISDN modules were not loaded. Look
for clues in /var/log/messages.
9. In YaST, go to the menu `Configuration nameserver' and an-
swer the question with Yes. Enter the IP number of your provider's
nameserver (DNS) here. If you don't know the IP number, you must ask
your provider. Or you can ask someone who is already using Linux in the
Internet to enter the following command in a terminal window (T-Online
is used here as an example):
159
6. Connecting to the World-and Then What?
whois t-online.de
You will then receive a message containing lines as shown in File con-
tents 6.2.3.
domain: t-online.de
descr: Deutsche Telekom AG, Telekom Online-Dienste
descr: Generaldirektion, GK361
descr: Postfach 2000
descr: D-53105 Bonn
descr: Germany
admin-c: KHS252-RIPE
tech-c: JS691-RIPE
zone-c: FS340-RIPE
nserver: dns00.btx.dtag.de
File contents 6.2.3: Output of whois t-online.de
In the line nserver: you can see the nameserver of your provider. Now
all you need is the IP address for the name. To obtain this, enter the
following command:
host dns00.btx.dtag.de
An answer is given, such as
dns00.btx.dtag.de has address 194.25.2.129
This, (194.25.2.129) would then be the IP address of the nameserver
for T-Online.
If the connection does not work:
* Check /var/log/messages for "strange looking" output.
* Try again using rawip access.
* Is the MSN/EAZ correctly set up?
* Do you need to dial a 0 first?
Further tips can be found in the Support Database. This is available at:
http://sdb.suse.de/sdb/en/html on our WWW server or via
the SuSE help system (start by entering susehelp, or from the menu),
assuming you have installed the package susehelp, series doc and the
package sdb en, series doc.
10. The connection has now probably worked. Then you should go back to
YaST, press the `Save' button and close YaST.
Dynamic IP Numbers with syncPPP
In the case of dynamic IP addresses the dummy addresses given for private
use are just used as place markers until the connection is established.
Additional Information
Further information on how to configure your ISDN subsystem for an ISDN
connection can be found from the following sources:
160
6.3. Cable Modems
* File /usr/doc/packages/i4l/README.SuSE
* Support-Database: http://sdb.suse.de/sdb/en/html
* In the package i4ldoc (e. g. the ISDN-FAQ in the file: /usr/doc/
packages/i4ldoc/i4l-faq)
* /usr/doc/packages/inetcfg (package inetcfg): e. g.: T-
Online via ISDN
6.2.6 ISDN Messages
A typical "error" message cause from HiSaX consists of two parts, the
location and the cause code. In the case of European ISDN this con-
sists of 5 characters, Exxyy, whereby xx stands for the source of the error
and yy for the cause of the message. HiSaX always creates this output in
hexadecimal form. Some mesages are not really errors, but represent nor-
mal behavior for a telephone connection ("engaged", "conenction ended by
hanging up").
There is a manpage specifically for these messages, providing a complete list
of errors: see manpage for isdn cause (man isdn cause).
6.3 Cable Modems
In some European countries, as well as USA and Canada, Internet access
via the TV cable network is very common. Here is a step by step guide on
how to get into the Internet with the Austrian Telekabel service. It ought to
transferable to other cable providers.
6.3.1 The Basics
The Telekabel participant receives a "modem" from the cable company which
on one side is connected to the television cable, and on the other side, to a
network card in the computer, by means of a 10Base-T cable (twisted-pair).
This modem then represents a fixed line for the computer, usually with a fixed
IP address.
Procedure for Installation
1. In case you already have a network card installed, carry on at item 8.
2. As user `root', start the program YaST ¡ if you are in KDE: press Alt
+ F2
, then enter xterm. Start YaST in the new window.
3. Go to `System administration', `Integrate hardware
into system', `configure networking device'.
4. For `Network type', enter eth0.
5. For `Networking device type', select your card.
6. For `Module options', enter parameters such as IO port, etc.; on
kernel parameters, see chapter 14 page 325. Attention, if you have a PCI
card, you usually do not need to give any parameters.
7. Press `Continue'. Return to the YaST main menu (by pressing the
Esc key twice).
161
6. Connecting to the World-and Then What?
8. Go to `System administration', `Network configura-
tion', `Network base configuration'.
9. You will now be in the window `Selection of Network'.
10. Press F5
, to set up the Ethernet device (if it is not yet entered there
under `device name', e. g.eth0).
11. Press F3 and choose `DHCP'.
12. Press F4 to activate this device.
13. With F10 the configuration is saved.
14. Leave YaST by pressing the Esc key a few times.
15. You can now activate your network access by entering rcdhclient start.
Then you can test the access, for example with ping www.suse.de.
This guide is for versions from SuSE 6.4, if you are still using version
SuSE 6.3, however, one extra step must be performed. With YaST, set the
rc.config variable to yes (see section 3.6.11 page 101 on how to do
this). Then the network is made available each time you boot, without you
having to enter a command specifically.
An alternative to this method ¡ if your IP address, network mask and gateway
are known, and are static ¡ is to set up a fixed network configuration (see
section 5.1 page 136). Find out from your cable operator if your IP address
is a permanent one. The advantage of a fixed configuration: If there is a fault
with cable access when booting, the boot process will continue normally, and
as soon as the net problem has been remedied, you can immediately reach the
Internet.
6.4 T-DSL, T-ISDN-DSL, ADSL. . .
Internet access using Digital Suscriber Line technologies (including T-ISDN-
DSL, ADSL...etc.) under Linux is in development, although we can't give
any direct support on these.
In our Support database you'll find an article covering this issue, including
information on the newest developments. Read this article under http:
//sdb.suse.de/sdb/de/html/hoe_adsl_pppoe.html.
6.5 Connecting a Modem
Connecting a modem to your machine is very straightforward; the modem is
connected to your machine via a serial cable. In YaST, you specify which
interface to use (see section 17.6Initializing Local Hardware (keyboard, mo-
dem, mouse,PCMCIA, etc.)section*.261, page 402). A link from the modem
device is created to /dev/modem, thus letting you access your modem, no
matter to which port it is connected.
There are so-called "WinModems" available commercially. These cur-
rently do not run under Linux. Please also take a look at
http://www.suse.de/sdb/en/html/cep_winmodem.html
The usual terminal programs are minicom and seyon (but there are others as
well).
162
6.6. Connecting to the Internet: PPP with wvdial
minicom
Minicom is a simple-to-use terminal program which resembles the DOS pro-
gram Telix. This is not an introduction to minicom but a short overview of
how to configure it.
All users who want to use minicom have to be entered in the file /etc/
minicom.users, which contains a list of which users can access which
modem, and with what kind of permissions.
Minicom is configured as follows (only as user `root'):
earth:/ # minicom -s
The settings are self-explanatory.
The key combination Ctrl + L does not work in xterm or rxvt, but does
function in kvt and in the text console.
6.6 Connecting to the Internet: PPP with wvdial
The program wvdial is a very powerful tool used to make analogue PPP
connections to Internet Service Providers, or ISP. Since these ISP's often
use different settings in their PPP protocols, it can be very tiresome to find the
correct options. wvdial now sorts this out by means of intelligent algorithms.
In the past, it was always necessary in Linux to specify the nameserver (DNS
¡ Domain Name System) of the ISP when making the Internet connection.
This is no longer necessary with wvdial; it automatically recognizes the
nameserver of the provider, provided that this information is made available.
6.6.1 Configuration of wvdial
You can configure wvdial comfortably from YaST. You will find the
menu under `System Administration', `Network configu-
ration', `Configure a PPP network'. The menu is shown in
figure 6.5.
Proceed as follows:
* Make sure that you have already installed your modem in YaST; ei-
ther this was done in the course of the initial installation, or you can
do it now (as described in section 3.6.1Integrating Hardware into the
Systemsubsection.3.6.1, page 89).
* Select the menu item `Configure the current Profile'.
* Enter the telephone number, user identification and password.
* Select the automatic nameserver configuration. If this doesn't work, you
must specify the nameserver in YaST in the old way (cf. section 3.6.3Net-
work Configurationsubsection.3.6.3, page 95).
* Select your dialling mode. This is normally tone dialling.
* If you are connected to a PBX (private branch exchange), you should se-
lect the item `Modem on PBX (no dialtone)'; then no dialling
tone is expected.
163
6. Connecting to the World-and Then What?
Figure 6.5: Wvdial Configuration
* For the dialling-in mode, normally `PPP-direct-PAP/CHAP'
should be chosen.
* Close the sub-menu.
* After configuring the provider, you should go to modem recognition.
Simply select the menu item `start modem recognition'.
* If this functions, then select the item `Run WvDial'. You will then see
a window in which various messages appear.
* When you see the message that the PPP process has been started, you can
start using the Internet.
* To check if the connection has really been made, you need to open a
further terminal window (in KDE: Alt + F2 and then enter xterm). In
the terminal window, enter:
earth: # su
and then the `root' password. Then you should enter:
earth: # tail -f /var/log/messages
Now you can view any system messages which may appear. As soon
as you see lines with "Local IP:" and "Remote IP:" ¡ each fol-
lowed by an IP number ¡ you can be quite sure that the connection to the
Internet is running.
* End Internet access with Ctrl + c .
* If all this works, you can start Internet access from the command line by
simply entering wvdial, and stopping it with Ctrl + c
. If you want to
be able to do this as a normal user as well, (i. e. not as `root'), then you
must enter the appropriate user with YaST in the groups `uucp' and
`dialout' (cf. section 3.6.8Group Administrationsubsection.3.6.8,
page 100).
164
6.6. Connecting to the Internet: PPP with wvdial
* You can change your configuration later on without YaST, using the pro-
gram wvdial.lxdialog, or in graphical form, with wvdial.tcl. These can
only be run as `root'.
Documentation on wvdial can be found in the directory /usr/doc/
packages/wvdial.
wvdial for Normal Users, and Security
If you want normal users apart from `root' to be able make PPP connec-
tions with wvdial, then you must, using YaST, enter the relevant user in the
groups `uucp' and `dialout'; see Section 3.6.8 page 100.
These users then also have access to the file /etc/wvdial.conf, which
normally contains the login and password for Internet access. To increase
security you can move the password to a protected file:
1. Change to the directory /etc/ppp and as user `root', create the file
wvpw with the file permissions 600:
earth: # cd /etc/ppp
earth:/etc/ppp # touch wvpw
earth:/etc/ppp # chmod 600 wvpw
2. Open the file wvpw with an editor and enter only the password there, then
save the file.
3. Check to see if the permissions for the file wvpw are correct;
earth:/etc/ppp # ls -l wvpw
should give you confirmation of this; see Output 6.6.1.
-rw------- 1 root root 7 Jan 18 17:20 wvpw
Screen output 6.6.1: Ausgabe von ls -l wvpw
4. Repeat the configuration as described in Section 6.6.1 page 163; as your
password, however, enter @/etc/ppp/wvpw (that's right, with the "at"
symbol in front). This informs wvdial that the password should be taken
from this file.
Modem Always Beeps Loudly
If your modem loudspeaker is too loud during connection, you can edit the
file /etc/wvdial.conf and insert the line
Init3 = ATM0
This command switches your modem loudspeaker off.
165
6. Connecting to the World-and Then What?
6.6.2 Using Different Providers with wvdial
wvdial can look after any number of parameter sets. To do this, you can
additional sections in the file /etc/wvdial.conf, next to the section
Dialer Default. When starting wvdial with the name of such an extra
section, first the parameters from the "default" are read. All parameters which
are mentioned again in the additional section overwrite the previous values.
Here is a small example for T-Online and the Call-by-Call-Provider, Arcor
(file contents 6.6.1Using Different Providers with wvdialsubsection.6.6.2,
page 166). In this the YaST configuration is created. The file is extended
manually with the lines in file contents 6.6.2Using Different Providers with
wvdialsubsection.6.6.2, page 166.
[Dialer Defaults]
Modem = /dev/ttyS0
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 S11=55 +FCLASS=0
Init3 = ATM0
Compuserve = 0
Tonline = 1
Dial Command = ATX3DT
Baud = 115200
Auto DNS = 1
Stupid Mode = 0
New PPPD = 1
Phone =0,0191011
Username = ????????
Password = ???????
File contents 6.6.1: /etc/wvdial.conf: Standard section
[Dialer arcor]
Phone = 010700192070
Username = arcor
Password = internet
File contents 6.6.2: /etc/wvdial.conf: Additional section
If wvdial is called up without parameters, a connection is made to T-Online.
If you enter wvdial arcor a connection is made to Arcor. You should
also have a look at the manpage for wvdial (man wvdial).
6.6.3 ISDN Terminal Adapter
These devices allow an ISDN connection. In contrast to normal ISDN
apadters, the computer and adapter are connected via a serial cable. Although
the adapters basically simulate an analog modem, these adapters have special
features; e.g.
* they need special commands to allow a point-to-point connection and
* by default, they issue expanded CONNECT messages.
166
6.6. Connecting to the Internet: PPP with wvdial
For this reason the modem configuration must be adjusted:
1. Do not use the automatic modem detection, which would otherwise
be performed via YaST, in the menu item `System administra-
tion' / `Network configuration' / `Configure a PPP
network' / `Autodetect Modem'.
2. Specify your modem interface in YaST in the menu `System admin-
istration' / `Integrate hardware into system' / `Mo-
dem configuration'.
3. Log in as `root'.
4. Create the file /etc/wvdial.conf by hand; this file is normally gen-
erated automatically. The file should have the same contents as displayed
in file contents 6.6.3ISDN Terminal AdapterItem.166, page 167.
[Dialer Defaults]
Modem = /dev/modem
Baud = 115200
Init1 = <special entry1>
Init2 = <special entry2>
; Phone =
; Username =
; Password =
File contents 6.6.3: /etc/wvdial.conf: Terminal adapter
For <special entry1> and <special entry2> you must ¡ according to the
device ¡ enter the following values:
Vendor ELSA: ELSA MicroLink ISDN/TLpro and ISDN/TLV.34:
Init1 = AT&F\ N10%P1
Init2 = AT\ V0
Vendor ELSA: ELSA TanGo 1000 and ELSA TanGo 2000:
Init1 = AT&F$IBP=HDLCP
Init2 does not apply
Vendor Zyxel: all models:
Init1 = AT&FB40
Init2 = ATXO
Vendor Hagenuk: Speed/Viper Dragon:
Init1 = ATZ
Init2 = AT&FB8X0
Other Vendors: You can look up the "initstring" specified by the vendor
in the adapter documentation. Sometimes scripts for Unix or Linux are
also included, from which this string can be taken. Or you can take a
look at which initstring the adapter uses when it dials from a different
system, for example in MS-Windows.
167
6. Connecting to the World-and Then What?
All other configuration steps should be carried out as described in the hand-
book.
Note: an ISDN-TA (phone adapter) should not be confused with a PBX
device with an inbuilt ISDN card. Although these are connected via a serial
cable, they use a proprietary protocol via the serial port, which is why they
cannot be used in Linux. A CAPI driver which is included, must be installed
on the PC which is currently not available from the vendors for Linux. This
concerns the following devices:
* Eumex 404 PC
* Eumex 322 PCi
* AVM Fritz!XPCDr.
* Neuhaus Triccy Data LCR
6.6.4 Configuring PCI Modems
The IRQ and IO addresses of the serial ports are set by default in Linux to
the values which are used by ISA cards. Thes values are a semi-standard and
in many PCs, they ensure that no resource conflicts arise. Resources for PCI
cards, however, are assigned by the BIOS at boot time, and do not necesarily
match the traditional values, if the BIOS alone is left to decide.
You should therefore proceed as follows when configuring wvdial:
1. Ascertain the actual values which the BIOS has assigned to the serial port,
using the command scanpci -v. You need the interrupt (IRQ) and IO
addresses (IO port).
2. Integrate the modem, using YaST via the items `System adminis-
tration' / `Integrate hardware into system' / `Modem
configuration'.
When doing this make note of a possible serial mouse and other serial
ports; in case of doubt, select /dev/ttyS2, in order to avoid any con-
flicts with additionally inserted, standard interface cards.
3. The command setserial can be used to change the serial port. If the
modem, for example, occupies IRQ 5 and the IO address 0x220, but the
kernel expects interrupt 4 and port 0x02f8, you can remedy this with the
command
earth: # setserial /dev/ttyS2 irq 5 port 0x220
This command, however, now needs to be carried out every time the
ciomputer is started. To do this, you could make an entry in the file
/sbin/init.d/boot.local ¡ or as an alternative, you can adjust
the file /sbin/init.d/serial, in the start section:
run setserial /dev/ttyS2 irq 5 port 0x220
You can find more information on setserial in the manpage for setserial
(man setserial).
4. To test if the configuration of the port is correct, you can enter
wvdialconf /dev/null. Then all ttySx ports are checked, and
your modem should be detected.
168
6.6. Connecting to the Internet: PPP with wvdial
Hint: As an alternative to configuring with setserial, you can change the
IRQ settings in the BIOS. This is only possible if your BIOS allows this,
and the IO addresses do not have to be changed.
To do this, you have to know in which PCI slots your interface cards are
located. In the setup program of some BIOSes there is a submenu in
which the settings of the PCI ports are determined. Here you can assign
a specific interrupt (IRQ) to each slot. In most cases this will be IRQ 3
or IRQ 4. The next time the computer starts the actual IRQ is adjusted to
that which is set.
6.6.5 Manual PPP Configuration for Experts
If your Internet connection with wvdial does not work, for whatever reason,
you can configure PPP here manually. If you have the choice, however, we
still recommend wvdial.
Some sample configurations and scripts are located in package inetcfg,
as well as in package ppp nt.
Notes on T-Online
The T-Online user name consists of the "Anschlusskennung" (Connection ID)
followed by the telephone number of the T-Online access (DxJ number), fol-
lowed by the "Mitbenutzernummer" (User Number) (4 digits). If the tele-
phone number is shorter than 12 digits you need to add a # at the end. Aliases
apparently don't work. An example:
Name: 01234567890123456789012#0001
Password: the normal T-Online password
Here is a list of the T-Online servers taken from our Support Database. You
might need these servers for your browsers and other tools.
Nameserver: dns00.btx.dtag.de 194.25.2.129
SMTP server: mailto.btx.dtag.de send mails
POP server: pop.btx.dtag.de receive mails via "popclient"
NNTP server: news.btx.dtag.de News server
If necessary and/or possible you should enter the proxy sites as well:
FTP proxy: ftp-proxy.btx.dtag.de FTP proxy
HTTP proxy: www-proxy.btx.dtag.de WWW proxy
Wais proxy: wais-proxy.btx.dtag.de Wais proxy
Gopher proxy: gopher-proxy.btx.dtag.de Gopher proxy
Creating a Connection
There are two steps involved in creating a PPP link.
* First, the connection between both modems is established. This part is
performed by chat.
169
6. Connecting to the World-and Then What?
* When the connection is up and running, chat takes care of the login pro-
cedure with the server, and then passes control over to the PPP daemon.
The daemon then initializes the PPP protocol.
After installation of package inetcfg you will find the script ppp-up in
/usr/doc/packages/inetcfg. Now copy this script to /etc/ppp
and adapt it to your needs.
The script ppp-up then establishes the PPP connection:
#!/bin/sh
## /etc/ppp/ppp-up
## Establishing a PPP-connection
#
localip=0.0.0.0
remoteip=
device=/dev/modem
pppflags=``38400 modem debug defaultroute''
/usr/sbin/pppd lock connect
'/usr/sbin/chat -v -f /etc/ppp/ppp.chat'
$device $pppflags $localip:$remoteip
File contents 6.6.4: /etc/ppp/ppp-up
First, the IP-addresses of the client and server are set. If 0.0.0.0 is en-
tered for the client, and the server-address is empty, pppd obtains both these
addresses from the server. If the addresses are fixed, or a dynamic address-
allocation is not what you want, you have to enter the appropriate number
here instead.
Then the device to which the modem is connected is specified. The flags
tell pppd to operate the modem at a speed of 38400 bps and to write the
PPP connection into the kernel's routing table as the default route. pppd
has many more options and flags. A detailed description can be found in
the manpage for pppd (man 8 pppd) and the PPP Howto. Our example,
however, should work in most cases.
Then chat takes on the task of establishing the modem connection.
The script /etc/ppp/ppp.chat determines how this is done:
The ABORT lines determine for which answers of the modem the connec-
tion failed. With the line +++ATZ the modem is initialized. The line
ATDT<499113247122> dials the server. If the string CONNECT is re-
ceived by the modem, then the login process can begin. First the login name
and then the password is sent to the server. More information about chat can
be found in the manpage for chat (man 8 chat).
If both files are suitably configured and their attributes set properly, then all
you need to make the connection is to run the script ppp-up.
170
6.6. Connecting to the Internet: PPP with wvdial
TIMEOUT 30
ABORT ''NO CARRIER''
ABORT BUSY
ABORT ``NO DIALTONE''
ABORT ERROR
``'' +++ATZ
OK ATDT49911123456
CONNECT ``''
ogin:--ogin: <ppplogin>
word: <ppppassword>
File contents 6.6.5: /etc/ppp/ppp.chat
The connection is closed by stopping PPP daemon. This can be done, for
example, with the script /etc/ppp/ppp-down:
If you have installed ppp-up in /etc/ppp/ppp-up, as described in this
chapter, it will not be in your PATH; for this reason you must specify the
full path name:
earth:/root # /etc/ppp/ppp-up
You should set the attribute `x' of this file beforehand with:
earth:/root # chmod 755 /etc/ppp/ppp-up
The connection is closed by stopping the PPP daemon. This can be done, for
example, with the script /etc/ppp/ppp-down:
#!/bin/sh
## /etc/ppp/ppp-down
## Terminating PPP-connection
#
kill `cat /var/run/ppp0.pid`
File contents 6.6.6: /etc/ppp/ppp-down
Make sure you don't forget the ` character. This is known as a command
substitution, by means of which the output of cat /var/run/ppp0.pid
is passed to the kill program.
Customizing the chat Script
The script /etc/ppp/ppp.chat needs to be adjusted to your personal
details, of course. Besides login name and password the whole login sequence
might be different. In some rare cases it might be necessary to start the ppp
protocol on the other side (e. g. with ppp default). All this cannot be described
in general terms.
171
6. Connecting to the World-and Then What?
Unless special authentication processes, such as PAP or CHAP, are used, the
login sequence is similar to a normal terminal login, except that this is done
automatically by the script, rather than by hand.
For this reason you can proceed as follows:
* Read carefully the information from your service provider, and ask them
if there is a script already adapted to your needs. If this is the case we are
very interested in feedback, so that we can collect these scripts for our
distribution. The scripts we have collected so far can be viewed directly
in our Support DataBase:
http://sdb.suse.de/sdb/en/html
* Please have pencil and paper at hand!
* Take one of the terminal programs (e. g. minicom) and log in manually.
Please note exactly what is sent by your provider, in what order, and
what input is needed from your side. Most terminal programs (including
minicom) enable you to automatically protocol all your text on screen.
With minicom, this is achieved by Ctrl-A L
.
* Continue doing so until the remote station changes into ppp mode,
which normally happens when a message such as: "ppp-protocol
started" is seen.
* The existing connection is now killed, i. e., hung up (minicom: Ctrl-A
H
)
* End the terminal program (Minicom Ctrl-A X
).
* Using this protocol, you can now customize your chat script.
A few more explanations concerning chat:
First chat is initialized
TIMEOUT 30
ABORT "NO CARRIER"
ABORT BUSY
ABORT "NO DIALTONE"
ABORT ERROR
The TIMEOUT is dependent on the time needed for the connection to be
made, and in some cases has to be increased (e. g. to 60)
The ABORT commands define which replies from the modem will terminate
the script.
The next lines almost always resemble the following syntax:
The first parameter (up to the first "white-space") defines what message the
modem is to wait for. If this string is sent by the modem, the rest of the line
will be processed.
"" +++ATZ
Here no string is awaited, the modem is initialized immediately. This depends
on your modem type and on the profiles stored in it. Normally ATZ profile
0 (when it is switched on) is loaded. You might need to make some changes
172
6.7. Masquerading and Firewalls ¡ Friends and "Friends"
here. It is best to compare this string with terminal programs that are already
running (e. g. your existing DOS or Windows software).
If your modem does not do what you want it to, this could be due to a
misconfigured modem (here an ATZ command is no use). Entering AT&F
(in minicom, for example) resets the modem to its factory settings.
Now you can dial and start the login sequence, for example:
OK ATDTtelephonenumber
CONNECT ""
ogin:--ogin: account
word: accountpasswd
Obviously, you need to replace telephonenumber, account and
accountpasswd with your own values.
Be aware that here only word is looked for, because the remote station could
send Password, password or just word.
The line
ogin:--ogin:
ought to be flexible enough because it sends a return if the first string (ogin)
is not found, and then stands by waiting for ogin again.
Further information and examples can be found in manpage for chat
(man 8 chat).
Here you will find the encouraging comment:
" In actual practice, simple scripts are rare. "
The script should not contain any blank lines, blanks (white spaces) at the
beginning of a line, or comments!
Now test the connection with the command /etc/ppp/ppp-up. Any error
messages (from the chat script, for example) will not be shown on screen, but
in /var/log/messages. It is useful to have a second terminal running,
where you can enter the command tail -f /var/log/messages;
then you can immediately see if any important messages are displayed.
6.7 Masquerading and Firewalls ¡ Friends and "Friends"
Many users of SuSE Linux use their computers to dial in to the Internet or
a router for leased-line access. Often when doing this, private IP addresses
are used in the local network ¡ these can, therefore, not access the Internet
directly. To allow such an access for the internal network there is the possi-
bility of "masquerading". You should install the package firewals from
series sec for this. This package contains a script for masquerading and fire-
walls. Both are controlled by the configuration file /etc/rc.firewall.
It is sensible to set up a firewall at the same time, so that the system is better
protected against attacks from the outside. You really should read the docu-
mentation on this in /usr/doc/packages/firewals.
173
6. Connecting to the World-and Then What?
There is no guarantee that the procedures given here work and do no harm.
So if a hacker gets into your system, even though you did follow the rules,
do not blame the authors. We would highly appreciate it, instead, if you
would tell us the details of your experiences at feedback@suse.de!
6.7.1 The Basics of Masquerading
You need to have two different network devices for masquerading. At least
one of them is an Ethernet card, to which the inner (internal) network card is
connected. As a network address, this network should use a private address
reserved for this purpose, e.g. e. g.192.168.0.0 to 192.168.255.255.
In the configuration example we are assuming that the router (which we are
going to configure here) is set to the address 192.168.0.1 for the network
card pointing to the internal network. The computers of the internal network
then have IP addresses such as 192.168.0.2 or 192.168.0.3, etc.
The external network device is, for example, the ISDN card, which is used for
Internet access, or a leased-line connected to an Ethernet network card, which
is what we have assumed in our example. Its configuration is explained below.
6.7.2 The Basics of the Firewall
Strictly speaking this package does not contain a "firewall", but a "packet
filter". A packet filter firewall protects the network from unauthorized access
to IP addresses and ports which have not been explicitly enabled. If your
computer is a web server, however, and you make port 80 available for this
computer ¡ which you must do, in order for the web server to be accessible
from the outside ¡ then this computer will not be protected against attacks on
this port, of course. This packet filter firewall cannot, and is not intended to,
replace a firewall on the application level, such a firewall should be set up by
a professional. It is, however, reassuring for the security of your system to
use this firewall for home use.
6.7.3 Configurating Masquerading and/or the Firewall
Documentation on the SuSE firewall can be found in /usr/doc/packages/
firewall ¡ theoretical considerations are presented in chapter 18.1
page 413 pp.
The entire configuration is done in /etc/rc.firewall and is in English.
Here is a step by step guide on how to configure the firewall. Each item
specifies whether it is for masquerading or firewall. In the configuration file
there is also mention of a DMZ ("Demilitarized Zone"), which we won't go
into further at this point.
If you really only need masquerading, then just fill out those lines marked
with masquerading.
* FW START (Firewall, Masquerading): Set to yes for this script to be
started; this is how firewall and/or masquerading is enabled.
* FW DEV WORLD (Firewall, Masquerading): For exampleeth0. This is
the device which points out to the Internet. For ISDN this is, for example,
ippp0.
174
6.7. Masquerading and Firewalls ¡ Friends and "Friends"
* FW DEV INT (Firewall, Masquerading): The device which points to the
internal, "private" network. If no internal network is present ¡ e.g. the
firewall is protecting just this computer, leave this empty.
* FW ROUTE (Firewall, Masquerading): If you need masquerading, you
must enter yes here. For a firewall without masquerading, only if you
want to have access to the internal network. This only works if the internal
computers have officially assigned IP addresses. Normally you should
not allow access from outside to the internal machines. If you enter
yes here, because of masquerading, your internal computers are still
not visible from outside, because these have private network addresses
(e. g.192.168.x.x)and therefore cannot be routed in the Internet.
* FW MASQUERADE (Masquerading): If you need masquerading you must
enter yes here. Note that it is safer if the computers of the internal
network access the Internet via a proxy server.
* FW MASQ NETS (Masquerading): Enter the computers and/or networks
for which masquerading should be carried out. Separate individual entries
with a space. ¡ Example:
FW MASQ NETS="192.168.0.0/24 192.168.10.1"
* FW PROTECT FROM INTERNAL (Firewall): Enter yes here if you want
to protect the firewall computer from attacks from the internal network.
Then you must explicitly release the services which are to be made avail-
able to the internal network. See also FW SERVICES INTERNAL TCP
and FW SERVICES INTERNAL UDP.
* FW AUTOPROTECT GLOBAL SERVICES (Firewall): Normally you can
leave this set to yes.
* FW SERVICES EXTERNAL TCP (Firewall): Enter the services here
which are to be accessed; e. g."www smtp ftp domain 443" ¡
for the computer at home, which should not offer any services, you will
normally leave this empty.
* FW SERVICES EXTERNAL UDP (Firewall): If you are not operating a
name server which needs to be accessed from outside, leave this blank.
Otherwise you should add the necessary ports here.
* FW SERVICES INTERNAL TCP (Firewall): See details on the variables
FW SERVICES EXTERNAL TCP, but access is controlled from the in-
ternal network.
* FW SERVICES INTERNAL UDP (Firewall): See above.
* FW TRUSTED NETS (Firewall): Here you should enter the computers
which you can really trust ("Trusted Hosts"). Note that these computers
also need to be protected from intruders. Example: "172.20.0.0/16 172.20.1.1"
means that all computers whose IP addresses start with 172.20.x.x
and the computer with the IP address 172.20.1.1 are allowed through
the firewall.
* FW SERVICES TRUSTED TCP (Firewall): Here you can specify the
TCP port addresses which may be used by the "Trusted Hosts". Enter,
for example, 1:65535 if the trusted computers are allowed to access all
services. Normally it is sufficient if you enter ssh as the service.
175
6. Connecting to the World-and Then What?
* FW SERVICES TRUSTED UDP (Firewall): As above, but refers to UDP.
* FW ALLOW INCOMING HIGHPORTS TCP (Firewall): If you want to
have normal (active) FTP, then you should enter ftp-data here.
* FW ALLOW INCOMING HIGHPORTS UDP (Firewall): Enter dns in or-
der to be able to use the name servers specified in /etc/resolv.
conf. With yes you enable all high port numbers.
* FW SERVICE DNS (Firewall): If a name server is running which is to be
accessed from outside, enter yes here; at the same time port 3 must be
enabled in FW TCP SERVICES *.
* FW SERVICE DHCLIENT (Firewall): If you use dhclient to obtain your
IP address, then you must enter yes here.
* FW LOG *: Here you can determine what you want to protocol. For
normal operation, setting yes in FW LOG DENY CRIT is sufficient.
* FW STOP KEEP ROUTING STATE (Firewall): If you acess the Internet
automatically with diald or via ISDN (dial on demand), then emter yes
here.
That's it. Don't forget to test the firewall (e. g.with telnet from outside);
you should then see something like the following entries in /var/log/
messages:
Feb 7 01:54:14 www kernel: Packet log: input DENY eth0
PROTO=6 129.27.43.9:1427 195.58.178.210:23 L=60 S=0x00
I=36981 F=0x4000 T=59 SYN (#119)
6.8 Let's Write-Configuration of e-mail
If a connection to the outer world has been established, be it via PPP, UUCP,
or ISDN, it should be used to do something. A rather typical application
is electronic mail , or e-mail. This section describes the configuration of
sendmail.2
sendmail has to decide how to deliver incoming and outgoing electronic mail.
This might be either via a TCP/IP network using the SMTP protocol, or by
using another transport agent, such as UUCP.
sendmail's main configuration file is called /etc/sendmail.cf. If you
have a normal and simple configuration, you may set up the necessary param-
eters using YaST. YaST then creates a valid /etc/sendmail.cf for you.
All settings are written to /etc/rc.config and YaST will create the file
/etc/sendmail.cf for you, using the parameters given there.
As sendmail configuration is rather complex, SuSE provides two preconfig-
ured settings that should be sufficient in most cases.
If you plan to use sendmail within a TCP/IP network, make sure you have a
valid DNS server. Here, you need to set up one ("MX record" mail exchange
record) entry per name. The current settings may be checked with the host
command (in package bind):
2 There are alternatives to sendmail, two being smail and qmail. These are not covered in this
book.
176
6.8. Let's Write-Configuration of e-mail
earth: # host helios.cosmos.com
helios.cosmos.com address 192.168.0.1
helios.cosmos.com mail is handled (pri=10)
by helios.cosmos.com
helios.cosmos.com mail is handled (pri=100)
by mail-relay.cosmos.com
If there is no entry for mail, you should ask your system administrator for
help.
The following electronic mail variables may be set by YaST in /etc/rc.
config (see Section 17.6 page 400):
* SENDMAIL TYPE="yes"
This variable has to be set to yes if the sendmail configuration file is to
be created using the values in /etc/rc.config. If you want to create
a /etc/sendmail.cf yourself, answer no here.
* SENDMAIL LOCALHOST="localhost www.cosmos.com"
sendmail needs to know which electronic mail should be stored locally
and which needs to be delivered to another host. Only electronic mail
to the local host itself is saved locally by default. By entering a list in
SENDMAIL LOCALHOST, you can configure other names that should be
considered a local host.
Example: the name of the machine is helios.cosmos.com. It serves
as a WWW site for www.cosmos.com. To accept electronic mail that
is sent to www.cosmos.com, you need to enter the following line:
SENDMAIL LOCALHOST="localhost www.cosmos.com".
* FROM HEADER=cosmos.com
Normally, the local machine's name is used as the from header. This
may be set to a different name:
Example: The machine's name is earth.cosmos.com. You want to
send electronic mail as newbie@cosmos.com. This may be achieved
with the parameter:
FROM HEADER=cosmos.com.
* SENDMAIL SMARTHOST=mail-server.provider.de
sendmail asks for the DNS names of every mail that is not delivered
locally and tries to send the electronic mail via the SMTP protocol. This
host might be anywhere on the Internet and could have a rather slow
connection to the local host. Setting this parameter allows you to set
up an intermediate host that gets all your outgoing mail. Then this host
becomes responsible for delivering your electronic mail.
First example: This is for a dialup connection. Thus, you deliver all of
your electronic mail directly to your ISP:
SENDMAIL SMARTHOST=smtp:mail-server.provider.de.
Second example:
If you are connected via UUCP, you may send all electronic mail that is
not local to your UUCP server:
SENDMAIL SMARTHOST=uucp-dom:uucp.cosmos.com.
177
6. Connecting to the World-and Then What?
* SENDMAIL NOCANONIFY=no
sendmail tries to resolve each and every e-mail address from the mail
header and replaces each name with its "Fully Qualified Domain Name"
(FQDN). If there is no DNS server available (due to a dialup connection
perhaps) and you enter the name correctly, you may switch this off by
setting it to yes.
* SENDMAIL ARGS="-bd -q30m -om"
This is how sendmail will be invoked at bootup. -q30m tells sendmail
to check /var/spool/mqueue every 30 minutes if there is electronic
mail waiting. -bd starts sendmail in "daemon mode" this enables you to
accept electronic mail via the TCP/IP network. If you only have a dialup
connection, you may omit the -q30m and invoke sendmail directly with
sendmail -q. This might be done via a crontab entry once or twice a
day. In addition, you may enter sendmail -q into your scripts that establish
the connection to your ISP. This lets you exchange electronic mail every
time you connect to the net.
* SENDMAIL EXPENSIVE=no
Normally, sendmail tries to deliver the electronic mail immediately via
SMTP. If you are only temporarily connected, this might not be what you
need, as a connection will be established each time you write an electronic
mail. If you set this to yes the mail will be queued in /var/mqueue
and delivered as soon as you launch sendmail -q.
All locally delivered electronic mail is handled and saved to the local elec-
tronic mail folder /var/spool/mail/<name> by procmail. Please
have a look at the manpage for procmailrc (man procmailrc), the
manpage for procmail (man procmail) as well as the manpage for
procmailex (man procmailex) for a description of this extremely ver-
satile tool.
If you do not deliver remote electronic mail immediately, it is saved to the
queue directory /var/mqueue and delivered at the next run of sendmail.
You could also launch sendmail directly by entering sendmail -q.
There are further settings that can be made, for example in /etc/aliases
and some other files in /etc/mail/. There are commented examples in-
cluded in these files. Some files need to be translated to databases using the
makemap tool. This is invoked automatically if you start SuSEconfig or when
you leave YaST.
If you need a more complex configuration of sendmail, you should disable the
automatic setup of /etc/sendmail.cf by setting SENDMAIL TYPE=no.
Then you may use /etc/mail/linux.mc as a template for your config-
uration. linux.mc is written using m4 commands.
earth: # m4 /etc/mail/linux.mc > /etc/sendmail.cf
creates a valid sendmail configuration by using the macros in /usr/
share/sendmail .
Further documentation my be found in /etc/mail, /usr/share/
sendmail as well as /usr/doc/packages/sendmail. There is a
web site at http://www.sendmail.org/. If you need to set up even
178
6.9. News: Brand-New Messages from USENET
more complex configurations, you will also need the sendmail book from
O'Reilly.3 This describes sendmail in all its gory detail.
6.9 News: Brand-New Messages from USENET
One of the most important services provided by the Internet is the transport
and delivery of news sorted into different groups. This part of the Internet is
often referred to as the Usenet. Only through the existence this medium was
the development of Linux at all possible. And only by means of this highly
efficient form of communication, was and is it possible to rapidly develop and
remove program bugs4. Moreover USENET is an important support medium
for Linux users world wide.
A complete description of the news system with all its thousands of possibil-
ities (such as forwarding news to other machines) is far beyond the scope of
this book. Only a basic local system is described here.
Large systems should consider using the package inn, series n. Docu-
mentation on INN may be found in /usr/doc/packages/inn. You
should prefer INN to other news readers if you are working with UUCP.
There is no installation support for the INN configuration (see Sec-
tion H.1.2 page 493) But we are very willing to help you within the frame-
work of our pay service, Professional Services (see Section H.3 page 497).
6.9.1 The Leafnode News System
The package leafnode is a perfect news system for smaller networks
or standalone machines. It consists of several parts: the NNTP server
leafnode, the program leafnode (previously, fetch), to retrieve news
articles and the program texpire for deleting old articles. As add-ons
there are tools to maintain the huge amount of data which can gather in
/var/spool/news. Documentation on all the components can be found
in /usr/doc/packages/leafnode, as well as in the manpage for
leafnode (man 8 leafnode) and manpages.
Please follow the update instructions in Section 15.2.8 page 367.
Requirements for Leafnode
* You need to be capable of connecting to an external NNTP server, either
via modem (PPP), ISDN or another network connection (e. g. Ethernet).
This server feeds you with news. If in doubt, contact your ISP to get more
information on the NNTP server.
* The package leafnode, series n needs to be installed.
* Plenty of free space in /var/spool/news . . .
* Next you will need to follow the steps listed for configuring leafnode.
3 See [CAR93].
4 although much of this functionality has meanwhile been overtaken by "mailing lists"
179
6. Connecting to the World-and Then What?
Local NNTP Server
First, make sure that leafnode runs as a local NNTP server.
1. In the file /etc/rc.config set the variable <NNTPSERVER> to
the value localhost. You could enter your real hostname here (e. g.
earth), of course. This is absolutely essential in a network environ-
ment. Setting the variable <NNTPSERVER> is best done with YaST
(see Section 3.6.11 page 101), as YaST automatically launches SuSecon-
fig.
2. Next you will need to adapt /etc/leafnode/config with an
editor. Here you need to enter the name of your ISP's NNTP server (at
server =).
3. Make sure that leafnode is launched by inetd. Uncomment the nntp
entry in /etc/inetd.conf (see File contents 6.9.1).
4. Restart the inetd. You may use rcinetd restart.
nntp stream tcp nowait news /usr/sbin/tcpd
/usr/sbin/leafnode
File contents 6.9.1: inetd entry for leafnode
Now everything is set up so that you can contact your news server for the very
first time.
telnet localhost 119 lets you check whether leafnode reacts. If
so, typing quit will bring you back to the command line.
Initialize and Maintain the News System
Now you can initialize the system. Start a connection to your ISP (via mo-
dem or ISDN). At the first connect fetchnews will get a list of the available
news groups from the news server. They are saved to /var/spool/news/
interesting.groups. If you want more extensive information, launch
fetchnews with the -vvv option:
earth: # fetchnews -vvv
Articles are not yet available at this point. Anyway you will need to launch
an NNTP news reader and view the (still empty) groups (see Section 6.9.1 on
the facing page). leafnode recognizes this and, with the next invocation of
fetchnews, the group should be filled with articles.
If you don't want to enter fetchnews manually every time you go online,
you could add it to your /etc/ppp/ip-up script.
Maintaining the News System
leafnode has been designed to more or less maintain itself. This means that
groups that have not been read for a certain time are no longer collected by
fetchnews.
180
6.10. Faxing with Linux
0 22 * * * root test -x /usr/sbin/texpire && /usr/sbin/texpire
File contents 6.9.2: Expire entry for leafnode in /etc/crontab
The only thing one really has to do is make sure that old articles are deleted.
This is done with texpire. A suitable entry in /etc/crontab has already
been entered; just remove the leading `#', as shown in File contents 6.9.2.
Explanations on configuration possibilities of /etc/leafnode/config
may be found in the manpage for leafnode (man leafnode).
Reading the News
There are several tools for reading news, such as nn, tin or pine. Even
Netscape or Emacs may be used. It is basically a personal decision as to
which news reader you prefer. Most of the news readers may be set up so they
can access a news server as well as the local spool directory. Preconfigured
packages may be found in the series n of SuSE Linux.
If you want to use tin to connect to the leafnode NNTP server (see Sec-
tion 6.9.1 page 179), you should invoke rtin.
6.10 Faxing with Linux
There are two choices if you plan to use your Linux machine for faxing:
* Use mgetty with sendfax.
* Install the HylaFAX fax server. Here you have the SuSEFax frontend,
designed in Java.
Since SuSE Linux version 5.0, the package mgetty has been separated
into two packages: package mgetty and package sendfax, as some
commands of package hylafax and package sendfax are identical.
The next two sections describe how to set up and configure hylafax and
SuSEFax on SuSE Linux.
6.10.1 SuSEFax-a HylaFAX Fax Client
As already mentioned, SuSEFax has been designed in Java. This, in particu-
lar, means that you need to install the Java Developers Kit along with package
susefax. If you want to use SuSEFax on another platform, you should in-
stall package susefax and copy everything from /usr/lib/SuSEFax
to the destination directory on the other platform.
The Startup Wrapper
SuSEFAX is launched via a small script called a "wrapper". It, in turn, sets all
the necessary parameters, checks for settings and invokes the Java interpreter.
This script is located in /usr/X11/bin/susefax. It is possible to set up
the SuSEFAX system independently of the wrapper.
181
6. Connecting to the World-and Then What?
System Properties
In Table 6.1 all the SuSEFAX system properties needed to be set up are
listed: their meanings and default values. If you launch the interpreter with-
out any additional options, these settings are used. There is normally only
one parameter that needs to be set. This is susefax.images. If you
run the program on an operating system with multiuser capabilities, (e. g.,
Linux), this is not needed. In particular, this means that each user will be
assigned a home directory on UNIX systems and Windows NT (but not on
OS/2). If this is not possible on your system, you should set the values for
susefax.setup.path, susefax.setup.file, as well as suse-
fax.phonebook.file as SuSEFAX might not work otherwise.
Property Default value Meaning
susefax.setup.path $HOME Directory where the config-
uration files and the tele-
phone database should re-
side
susefax.setup.file .susefaxrc Name of the configuration
file
susefax.phonebook.file .susephone Name of the telephone num-
ber database
susefax.images ./images Directory where all neces-
sary images are stored
Table 6.1: The System Properties of SuSEFax
If you want to change some of these parameters, just remove the comments
in front of the variable names (see File contents 6.10.1).
# if you want to store the settings other than
# $HOME/.susefaxrc, then you may place another path and/or
# filename here
SETUPDIR= # -Dsusefax.setup.path=/where/ever/you/want
SETUPFILE= # -Dsusefax.setup.file=/what/ever/you/want
# even the phone book can be renamed to whatever
PHONEBOOK= # -Dsusefax.phonebook.file=asyoulikeit
File contents 6.10.1: Section of the wrapper script:
/usr/X11/bin/susefax
Handling-Instructions for Use
This is the main application window after the `Send queue' has been acti-
vated and `Fetch state' has been invoked. `Fetch state' tells you
about jobs that are still queued, that is, faxes that were sent within the last few
182
6.10. Faxing with Linux
Figure 6.6: Send queue
minutes. If you activate the `Receive queue' button, all faxes that were
received within the last few days will be listed. You may set up the automatic
display by clicking on `Update information', then enter an interval
in the box below and confirm by pressing
. There is a jobs list that tells
you what actions are performed on a double click. This depends on which
button (`Receive queue' or `Send queue') has been activated. In
`Send queue', you may define what should happen if you double-click
on the mouse-either you get information on the job, or it is deleted. In
`Extras', you may select the language (English or German).
Setting Up
Before you can get any feedback from the server or launch any processes, you
must configure the application. This is done via `Main Settings' in the
`Program' menu. All settings will be saved. If you exit the program, all
settings will be saved as well.
183
6. Connecting to the World-and Then What?
Figure 6.7: Dialog for global settings
Global Settings
The settings and their meanings:
Username: For the name of the user. This is needed when creating fax
covers.
E-mail: All messages from the fax server are sent to this electronic mail
address, for example, if a fax has been removed without having been sent.
User account: The fax server can distinguish between different users. You
may allow or deny access. This is why you need to enter the account name
known to the server. You may even assign a password to specific users.
Hostname of the fax server: This is the name of the host where your fax
server runs.
Automatic faxing: If this button is activated, the fax server checks the file
named in `Spool file' every couple of seconds. If it has changed,
you will get a `Send fax' automatically. This comes in handy if you
print to a file from another application. Thus each application is capable
of sending faxes, provided it is capable of converting them to Postscript
(see Section 6.10.3 page 190).
Spool file: Here, you need to set up the complete path to the spool file if you
want to make use of the "automatic fax sending" feature. Clicking on
`Search' offers a file browser where you may set up this file.
Fax cover: For automatic generation of a fax cover, a special PostScript file
is needed. You need to enter the complete path here.
Time zone: This should be the same as what you set up on the fax host.
184
6.10. Faxing with Linux
Country: Date and time settings are dependent on this entry, for example,
for your fax cover.
Job Settings
Figure 6.8: Dialog for job parameters
After the global settings have been made, you are ready to send your first fax.
A fax, or a file, is converted to a "job" which waits to be sent (perhaps along
with some other jobs). Each job has some job parameters. These may be set
prior to or after the job has been queued. Prior to sending the job, this may
be done in `Job settings', accessible via `Extras'. This is a short
overview:
Notification Scheme: Here you can set when the fax server should send a
notification to a user whose electronic mail address was previously spec-
ified. Four different schemes are available:
* Never (only errors): If an error occurs, a message is sent to the user
that the sending of a job failed.
* After sending: The user is informed after successfully sending each
fax.
185
6. Connecting to the World-and Then What?
* After a Re-queue: The user is sent a message if a fax fails, for exam-
ple, because the remote machine is busy.
* After Re-queue and Sending This is a combination of the last two
schemes.
In general, the first scheme applies, even if you select another scheme.
Resolution: Here you can enter the resolution of the fax to be sent. It is given
in lines per inch (lpi).
Priority: Priority of a job in the queue. The default value is set to 127. This
is updated if a job fails (due, for example, to a busy line).
Maximum tries to send: Here you can determine how many times the
server should try to send a fax once a connection has been established.
Maximum tries to dial: Here you can specify how many times the server
should try to connect to a remote machine (for example, if the line is
busy).
Paper format: There are currently three supported formats: A4, A3 and
Letter. This depends on the format of the PostScript document to be sent.
If you have activated `Modify job parameters' in the main window,
a dialog window will appear when you double click. Here you may set
the same parameters as above: `Notification scheme', `Maximum
tries to send' as well as `Maximum tries to dial'.
External Viewer
If the job list shows any received faxes, you may view the faxes using an
external viewer. The fax itself uses the tiffg3 format. Your viewer should
thus be capable of displaying this format. The format enables you to combine
multiple images within one file. There is a small script that comes with
SuSEFax that creates a PostScript file. It uses fax2ps from TIFFSoftware
by Sam Leffler [Lef96b] (package tiff). This is handed to a PostScript
viewer. The tool then looks for gv by Johannes Plass (package gv). If this
is not found, it uses GhostView by Timothy O. Theisen (package gs x11).
This tool is called docview and may be found in /usr/lib/SuSEFax.
These are the options for the external viewer.
Path to temporary files: Here, SuSEFax stores the tiffg3 from the server
and replaces the $F with the image's complete pathname.
If a user wants to run SuSEFax he needs to have read and write permissions
in this directory!
Invoking the viewer: Here, you need to enter the full pathname to the pro-
gram that should display the file. It has to accept the file's name as a
parameter.
Sending a Fax
After configuring SuSEFax and HylaFAX, you should make sure that you are
able to fetch the status settings of the fax server (see page 182). Otherwise
186
6.10. Faxing with Linux
you will not be able to send a fax-check the configuration of SuSEFax and
HylaFAX for errors. If everything was set up correctly, you should see a
dialog when clicking on `Fax send'. The following items can be selected:
Telephone number of the remote host: The telephone number of the re-
mote machine. You may select an item from the telephone book if you
click on `From telephone book' (you will need to enter the num-
bers first, of course).
Document to be sent: Here the full pathname to the document you'd like to
send must be given. If you select `Search', you may select a file in the
browser.
Use fax cover: This may only be activated if you have set up a fax cover file
in the global settings. A fax cover will then be generated and sent.
Do not send immediately: If this is activated, a dialog window pops up
where you can enter the time for the fax to be sent. If you leave this
dialog by clicking `Cancel', the fax will be sent immediately, just as if
you had clicked on `Send fax'.
For time and date settings:
* When you have made a selection, confirm this by pressing
. Now
the program checks whether this is a valid date. If not, it is converted
to a valid date.
Name of sender: Here, the name that has been set in global settings is used.
Name of recipient:
Regarding:
To company:
Comment:
Selecting `Poll fax' assumes that you have set up a telephone number
for the fax polling server. You will need to supply the name of the file to be
sent.
Importance of the Job List
As mentioned above, you may switch between the contents of the send queue
and the contents of the receive queue. This is a short summary of the process:
Reception Queue
Figure 6.9: Example of a reception queue
From left to right: the permissions, the size (in bytes), number of pages, the
TSI and the name of the fax received. The TSI (Transmission Subscriber
Identification) is an identification format the user has set up on his machine.
This must not be a telephone number. It could, however, be a company name.
187
6. Connecting to the World-and Then What?
Incoming faxes may only be viewed by double-clicking on them if the
fax server has been set up for all users to read them. In order for
this to work, you need to set the value 0644 in RecvFileMode:
in /var/spool/fax/etc/config.device (see Section 6.10.4
page 192).
Send Queue
Figure 6.10: Example of a send queue
From left to right: the job ID, the priority of the job, the user account, the
target telephone number, the time and/or number of tries and the maximum
number of rings. If an error occurs, you will see the corresponding error
message. The job ID is assigned automatically by the fax server. You may set
a priority as a user, but the server may adjust this setting. The user account
tells you which user has launched the job. The user is the only one who can
delete the job or change its parameters.
The Telephone Book
Figure 6.11: The telephone book
The telephone book (see Figure 6.11) is for administering and maintaining
your personal phone numbers. You may list and sort them according to name,
surname, fax number and company. Double clicking an entry will launch the
editor. You may now select another item and its entries will be presented.
`Accept entry' adds the item to your list providing you filled out the
following entries: `Surname', `Name' and `Telephone number'.
If you have activated the `View entry' mode, double clicking on `Send
fax' will invoke the `Send fax dialogue', using the entries `Sur-
188
6.10. Faxing with Linux
name', `Name', `Telephone number', `Company' and `Com-
ment' as defaults for the cover page (see page 186).
The cover will only be sent if you have activated the item `Use fax
cover'. If you have launched a process that disables the selection bar (e. g.,
by `Sort'), you may reactivate it afterwards by selecting an entry.
A new entry is added as soon as you click `Add'. `Remove' deletes the
currently selected entry. The list is only sorted if you explicitly activate the
`Sort' button. The button `Save changes' and `Save & Exit'
both make your phone book changes permanent. To cancel your changes,
press the `Cancel' button.
The telephone book may be used as a standalone application. For this the
wrapper susephone is available. Just enter susephone in a shell. No
faxes can now be sent, however.
It is not advisable to start the telephone book program twice with the same
user account. If you do it by mistake, make sure you don't save in both
programs.
The Faxed Form Letter
The form fax dialog enables you to generate a serial fax list from the tele-
phone list. To add or remove an item, it must be highlighted first. You may se-
lect either with the mouse or with one of the toggle buttons. If ` Toggle'
is activated, all selected entries will be marked as disabled, and vice-versa.
The same applies to the list. `Send faxes' causes all faxes in the list to
be sent. You cannot create a fax cover for serial faxes.
6.10.2 Automatic Generation of the Fax Cover
As mentioned above, you will need a PostScript template to automatically
generate fax covers. This, in itself, is not a PostScript file, but a template
that includes certain place-markers that are inserted automatically during the
creation of the cover. Creation of a template may be time-consuming. If you
are familiar with LATEX, you may use the package latex-cover .5 This
contains an easy-to-use TEX style for creating covers with TEX. The cover
used for this package and for the package hylafax has been created with
this versatile tool.
If you don't want to use this, you will have to create a "normal" PostScript
file and insert the entries by hand.
Which Keywords Does SuSEFax Know?
If you want to modify the TEX document, be aware that SuSEFax can only
replace the following macros:
5 It is installed in /usr/doc/packages/hylafax with package hylafax.
189
6. Connecting to the World-and Then What?
\toperson
\from
\regarding
\tocompany
\todaysdate
\comments
If you want to test the template you have made, you may use the faxcover
tool which is included in package hylafax. This will create a PostScript
file from the template. You can then print or view it. You could also use the
Java binary FaxCovergen.class. from the package susefax. Just enter the
following:
newbie@earth:/home/newbie > java -classpath
/usr/lib/java/lib/classes.zip:/usr/lib SuSE-
Fax.FaxCovergen
You should now see:
Command: FaxCovergen sourcecover.ps docname.ps targetcover.ps
The source cover is your template. docname.ps is the document that will
be sent. It will be saved in targetcover.ps. Now you may view either
of them.
6.10.3 Fax Spooling on UNIX/Linux
The spooling mechanism of SuSEFax was originally designed for use with
Windows. You may use it on Linux as well. For this to work, you will need
to install the package faxprint, series n (network support).
If you convert /etc/passwd to a PostScript file by entering the com-
mand a2ps -nP /etc/passwd | lpr -Pfax, there should be a file
in /tmp called fax accountname.ps. accountname is just your login. If
this file exists, you may enter it as a spool file, as described in Section 6.10.1
page 184, and activate the `Automatic fax' button.
The spooling mechanism only works if SuSEFax is running. If this is the
case, it regularly checks the time stamp Lastmodified of the spool file
and opens it if it has been changed.
6.10.4 HylaFAX ¡ Distributed Faxes
Function
Installation and configuration of HylaFAX is not covered by our installation
support (see Section H.1.2 page 493).
How the fax server works:
Figure 6.12 on the facing page illustrates how the fax server interacts with the
client. As you can see, there are three different ways to communicate with
190
6.10. Faxing with Linux
the server. The protocol that is used on port 4557 is still used, for reasons of
compatibility with older versions of HylaFAX. WinFlex by Peter Bentley, for
example, runs on Windows and still uses this protocol. New clients should
use the new protocol on port 4559. This protocol is based on the File Transfer
Protocol, RFC959. The third available protocol is SNPP (Simple Network
Paging Protocol, RFC1861).
Fax Modem
HylaFAX (TM)
Fax Server
The Three Net Protocols
4557
Old Protocol
(Compatibility)
TCP/IP
4559
New Protocol
Similar to the FTP
Protocol)
Clients
SNPP
Simple Network Pager
Protocol
Figure 6.12: How HylaFAX servers function
The server itself consists of three different daemons. Each of them is respon-
sible for a specific task:
hfaxd This is the protocol server. It is responsible for the communication
between the client and the server. It may be launched standalone, e. g.,
via the init process or via inetd. It shares a "FIFO file" with the faxq
process itself.
faxq This is the so called "Queueing Agent". It is responsible for maintain-
ing incoming and outgoing faxes, as well as the job queue. This process
runs all the time. You must ensure that only one of these is running.
faxgetty This tool is responsible for communication between the server and
the modem. As an alternative to faxgetty, you may use the faxmodem
tool if you want to send, but not receive, faxes. Alternatively, you might
control it by means of a FIFO file.6
6 FIFO = First In First Out.
191
6. Connecting to the World-and Then What?
Directory Structure
The server runs in change root mode (see man chroot). By default, the Server-
Root directory is /var/spool/fax. All processes and the Server-Root
directory itself belong to `uucp'. a list of all directories that may be found
in Server-Root is given in Table 6.2, together with a short description.
archiveJobs are archived here if job archival support is activated.
bin All the scripts used by: faxq, faxsend, pagesend and
faxgetty.
client For the FIFO files that communicate with faxq.
config Configuration, permissions and user accounts.
dev Since the whole system runs in chroot, here you will find all
the character devices needed (null, socksys and tcp).
docq This, as well as tmp, is used for pre-checking jobs.
doneq Jobs that were done, but neither archived nor deleted.
etc See manpage for config (man config).
info This is for general information on hosts that are already known
to HylaFAX.
log Here, you will find the logs of both sender and receiver.
pollq This is for documents obtained by polling the server.
recvq Incoming faxes.
sendq Outgoing faxes.
status Status information on the server itself.
tmp See manpage for docq (man docq).
Table 6.2: The HylaFAX Server-Root directories and their function
In addition, there are various FIFO files: the file /var/spool/fax/FIFO
itself as well as one /var/spool/fax/FIFO.devname per modem,
which is maintained by faxgetty. devname stands for the device to which
the modem is connected.
Configuration
The configuration itself is split up between from 2 to 2+n configuration files.
Here, `n' stands for the number of modems used. In /var/spool/fax/
etc, you will find the files config and config.device. The latter
configures the modem attached to device. So if there is a modem connected
to /dev/ttyS0, the name would be config.ttyS0.
General settings are entered in config. These are needed by the sched-
uler process faxq itself. Modem-specific setup settings may be found in
config.device. Settings for the queueing service may be found in
config. The files for the protocol server are in /usr/lib/fax/hfaxd.
conf. These configuration files are created automatically if you invoke
faxsetup after installation.
192
6.10. Faxing with Linux
Example Configuration
Here, you see an example session with faxsetup. We will use the data
mentioned in Table 6.3.
Below, the bold letters are user entries.
Telephone number (0)49(0)911-123456
Modem Fax-Class 2.0
Table 6.3: HylaFAX configuration example data
Configuration of the Scheduler
* Should an entry be added to /etc/inetd.conf [no]?
* Country code [1]? 49
* Area code []? 911
* Long distance dialing prefix [1]? 0
* International dialing prefix [011]? 00
* Dial string rules file (relative to
/var/spool/fax) ["etc/dialrules"]?
* Tracing during normal server operation [1]? 527
* Default tracing during send and receive
sessions [0xffffffff]? 527
* Continuation cover page (relative to
/var/spool/fax) []? etc/cover.templ
* Timeout when converting PostScript
documents (secs) [180]?
* Maximum number of concurrent jobs to a destination [1]?
* Define a class of modems []? "any"
* Time of day restrictions for outbound jobs ["Any"]?
* Pathname of destination controls file (relative to
/var/spool/fax) []?
* Timeout before purging a stale UUCP
lock file (secs) [30]?
* Max number of pages to permit in an
outbound job [0xffffffff]? 30
* Syslog facility name for ServerTracing
messages [daemon]?
After the data has been entered, you will be presented with a summary of
what you have just entered, as shown in Output 6.10.1 on the next page.
193
6. Connecting to the World-and Then What?
The non-default scheduler parameters are:
CountryCode: 49
AreaCode: 911
LongDistancePrefix: 0
InternationalPrefix: 00
ServerTracing: 527
ContCoverPage: etc/cover.templ
MaxSendPages: 30
ModemClass: "any"
SessionTracing: 527
Screen output 6.10.1: Summary of HylaFAX scheduler configuration exam-
ple
Configuration of the Server
After the scheduler has been configured, faxsetup requests whether you
want to set up your modem using faxaddmodem. You should answer
yes to this. Now, the serial line has to be entered without entering the full
pathname-just modem if it is /dev/modem.
* Country code [49]?
* Area code [911]?
* Phone number of fax modem [+1.999.555.1212]?
+49.911.3206728
* Local identification string (for TSI/CIG)
["NothingSetup"]? "SuSE GmbH"
* Long distance dialing prefix [0]?
* International dialing prefix [00]?
* Dial string rules file (relative to
/var/spool/fax) ["etc/dialrules"]?
* Tracing during normal server operation [1]? 527
* Tracing during send and receive sessions [11]?
527
* Protection mode for received facsimile [0600]?
0644
* Protection mode for session logs [0600]?
* Protection mode for modem [0600]? 0666
* Rings to wait before answering [1]?
* Modem speaker volume [off]?
* Command line arguments to getty program ["-h %l dx_%s"]?
"-r -b -s %s %l"
* Pathname of TSI access control list file
(relative to /var/spool/fax) [""]?
* Pathname of Caller-ID access control list
file (relative to /var/spool/fax) [""]?
194
6.10. Faxing with Linux
* Tag line font file (relative to
/var/spool/fax) [etc/lutRS18.pcf]?
* Tag line format string
["From %%l|%c|Page %%p of %%t"]?
* Time before purging a stale UUCP lock
file (secs) [30]?
* Hold UUCP lockfile during inbound data
calls [Yes]?
* Hold UUCP lockfile during inbound voice calls [Yes]?
* Percent good lines to accept during copy
quality checking [95]?
* Max consecutive bad lines to accept during
copy quality checking [5]?
* Max number of pages to accept in a received
facsimile [25]?
* Syslog facility name for ServerTracing
messages [daemon]?
* Set UID to 0 to manipulate CLOCAL [""]?
The summary given in Output 6.10.2 is created according to the settings
entered above.
The non-default server configuration parameters are:
CountryCode: 49
AreaCode: 911
FAXNumber: +49.911.3206728
LongDistancePrefix: 0
InternationalPrefix: 00
DialStringRules: "etc/dialrules"
ServerTracing: 527
SessionTracing: 527
RecvFileMode: 0644
DeviceMode: 0666
RingsBeforeAnswer: 1
SpeakerVolume: off
GettyArgs: "-r -b -s %s %l"
LocalIdentifier: "SuSE GmbH"
TagLineFont: etc/lutRS18.pcf
TagLineFormat: "From %%l|%c|Page %%p of %%t"
MaxRecvPages: 25
Screen output 6.10.2: An example of HylaFAX server configuration
This completes the configuration of the scheduler and server.
Now you can choose whether you want to start faxmodem for each of the
configured modems. This is an alternative to faxgetty, which is send-only.
You may choose either solution.
195
6. Connecting to the World-and Then What?
Adaptive Answer Support
A handy feature of the fax server (faxgetty) is the so-called "Adaptive Answer
Support", which enables the server to launch any getty depending on the type
of incoming call. This could also be a data call. For this to work. make sure
the entry in File contents 6.10.2 is configured (see Section 6.10.4 page 192).
GettyArgs: "-r -b -s %s %l"
File contents 6.10.2: Entry for Adaptive Answer Support
Here, %s is a substitute for the DTE/DCE between machine and modem. This
is set to 38400 bps (bits per second) by default. Some modems manufactured
by USRobotics cannot support this rate (see [Lef96a]) and generate transceiv-
ing errors. This may be avoided by decreasing the baud rate (<ModemRate>)
to 19200 in the appropriate modem configuration file. The default getty is
mgetty (package mgetty, series n (network support)). For this to work, you
need to modify the mgetty configuration file (/etc/mgetty+sendfax/
mgetty.config) using the entries given in File contents 6.10.3.
port modem
direct y
toggle-dtr n
File contents 6.10.3: Entry in mgetty configuration file
The keyword modem7 is your modem's device name. Make sure that faxgetty
as well as mgetty use the same device.
Fax Dispatching
Fax dispatching is the redirection of incoming faxes to a given electronic
mail address. You will need to create the file etc/FaxDispatch in the
Server-Root directory. File contents 6.10.4 shows an example configuration:
case "$SENDER" in
*0815*) SENDTO=newbie;;
*) SENDTO=FaxMaster;;
esac
File contents 6.10.4: An example of etc/FaxDispatch
Incoming faxes are identified by their TSI. In our example, every fax with
0815 in its TSI will be automatically forwarded to the user `newbie' via
electronic mail (as a PostScript attachment).8 Furthermore, each incoming
fax is redirected to `FaxMaster'.
If you have any problems configuring HylaFAX, please look at our Support
DataBase, package susehilf, series doc (Documentation). Enter the
keyword "fax" and you will find lots of useful information.
7 If it is /dev/modem, then it refers to a link to /dev/ttySx.
8 You may change the file format by modifying bin/faxrcvd.
196
