SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0000781: make ppp chat and peer template customizeable by make template overrideable and/or produced files sticky - MantisBT
MantisBT - Endian Firewall
View Issue Details
0000781Endian FirewallOther Scriptspublic2008-05-10 20:452010-09-21 09:16
Fish 
 
normalfeaturealways
newopen 
2.2-beta4 
future 
0000781: make ppp chat and peer template customizeable by make template overrideable and/or produced files sticky
Hello, I though it worth mentioning that I have a T-Mobile GC89 GPRS modem installed in a desktop, attached via a SIIG PCI-to-PC Card Pro (PCMCIA adapter). I also have installed EFW 2.2-beta-4 in a VMware on the same machine with the T-Mobile GC89 GPRS card. I have been able to make the GPRS card dial on the EFW VMware host by sharing serial port 1 (ttyS1) and manually configuring the following configurations I got somewhere off the internet;

###############

Filename /etc/ppp/peers/tmobile;

/dev/ttyS1 # use whatever your system assigns it to
57600 # I'd love to be able to bump this up somehow

defaultroute # use this interface for the default route
usepeerdns # use their DNS
updetach # keep pppd in the foreground until attached
crtscts # hardware flow control
lock # lock the serial port
noauth # don't expect authentication from the modem
local # don't use CD or DTR
debug # blah blah blah to STDERR

persist # keep re-connecting when dropped

# this section's not necessary at all, but here it is anyway.
remotename ''
user 'tmobile'
password ''
show-password

lcp-echo-interval 0 # don't bother with echo requests, since
                    # t-mobile doesn't effing bother sending them back!

lcp-restart 1 # one-second resend

connect '/usr/sbin/chat -v -V -t3 -f /etc/ppp/chat-gc89'
disconnect '/usr/sbin/chat -v -V -t3 -f /etc/ppp/chat-gc89-disconnect'

##################

Filename /etc/ppp/chat-gc89;

SAY 'trying to connect...\n'
SAY '\n'

ABORT 'NO DIAL TONE' ABORT 'NO ANSWER' ABORT DELAYED

SAY 'Initializing modem\n'

"" AT+cfun=1
OK AT+cfun=1
OK AT+cgreg=1
OK AT

"" AT+CSQ

SAY '\n'
SAY 'Setting APN\n'

# this context string came straight from t-mobile tier 3 tech support.
# The APN (internet2.voicestream.com) may be internet3 if your account is set
# up for public IP addresses. Mine isn't, so here we are.
OK AT+CGDCONT=1,"IP","internet2.voicestream.com"

SAY '\n'
SAY 'Dialing...\n'

OK ATDT*99***1#
CONNECT " "

################

**Note, in the chat script, the pound symbol needs to be after the 1 in the expect line (second from the bottom), but will get erased when in a template (Yes I tried re-writing the templates for chat at the peers).

** Also note that the ppp peer template seems to have a chat line which gets added to the generated peer which reads "connect '/usr/sbin/chat -f /etc/ppp/chat-uplink1'" but should read "connect '/usr/sbin/chat -v -V -t3 -f /etc/ppp/chat-uplink1'"

If I do a `pppd call tmobile` these configuration files work flawlessly.

I have noticed when I add an uplink in the web interface using a standard analog modem configuration, entering 56700 baud, tmobile as the user and *99***1# as the dial string... the chat script fails. So I manually copied my working configurations over the existing "uplink1" ppp peer and chat scripts, however it appears right before the dialer is invoked the configuration files are over written, and even when I change the file permissions to remove write ability for even the root user, the files are still over written.

If there is anyway to allow the user to manually change the files after configuring an uplink... or better yet manually define your own templates for GPRS dialing that would allow me to use a GPRS card with the firewall.. and while it's a pretty low speed card, this could also apply to other networks which are 3G/UMTS which could actually supply enough bandwidth for a small office.

-Kevin
No tags attached.
Issue History
2008-05-10 20:45FishNew Issue
2008-07-01 15:39cgirdaNote Added: 0001395
2008-07-01 17:22peter-endianNote Added: 0001401
2008-07-01 18:17FishNote Added: 0001403
2008-07-01 18:43cgirdaNote Added: 0001404
2008-07-02 14:22cgirdaNote Added: 0001406
2008-07-07 18:30cgirdaNote Added: 0001419
2010-09-21 09:16peter-endianSeverityminor => feature
2010-09-21 09:16peter-endianTarget Version => future
2010-09-21 09:16peter-endianSummarypppd-analog config constantly over written (cannot make manual edits to use TMobile GC89 GPRS). => make ppp chat and peer template customizeable by make template overrideable and/or produced files sticky

Notes
(0001395)
cgirda   
2008-07-01 15:39   
Kevin,
           I was trying to use AT&T "Sony Ericsson" GSM card. I can't even
see the card. Infact I wasn't able to see a CF card in CF slot.
          To begin with, did you happen to load the modules "pcmcia, sierra, usbserial..etc" from any third party source or did I miss something during the installation ?
         btw..I am using 2.2-beta4 & 2.2-RC1 on 2 different PCs which has a CF card PCMCIA slots, its does the same on both.

Thank you
(0001401)
peter-endian   
2008-07-01 17:22   
the umts/hdspa/gprs support should work without changes in the templates. it's working in italy, austria and now also in the us.

the files will be overwritten by the template engine. endian firewall is engineered this way. you have settings and config templates and before using a service the config file will be generated (and overwritten) by the template engine using the template and the settings data.

the template is in /etc/ppp/chat.tmpl

it's slightly different to yours. if you manage it to tell me which configuration part is necessary to change for you to have it work we can include it as an option.
(0001403)
Fish   
2008-07-01 18:17   
to cgirda: I did not do anything special during the install and am able to see my T-Mobile GC89 without doing anything special on both 2.2-beta4 and now on 2.2-RC1. The only difference between our setups might be that I am running mine inside a VMware host.

to peter: The problem as far as I can tell is the chat line which gets added to the generated peer which reads "connect '/usr/sbin/chat -f /etc/ppp/chat-uplink1'" but should read "connect '/usr/sbin/chat -v -V -t3 -f /etc/ppp/chat-uplink1'". For some reason one of the options "-v -V -t3" seems to make a difference to my T-Mobile GC89 card. If I dial manually it works fine.

I'll poke around a bit more and see if I can narrow down the options a bit more.
(0001404)
cgirda   
2008-07-01 18:43   
When I insert the GSM card. In the dmesg I see the line
 pccard: PCMCIA card inserted into slot 0

I don't see any /proc entry changes like /proc/tty/driver/serial
I don't see any difference in modules loaded before and after.

Totally the OS is missing the pcmcia basic service itself.
(0001406)
cgirda   
2008-07-02 14:22   
Thank you Fish, Peter & Kevin,
          I got the card working, I think its something to do with my installation. I am not sure what it is, but re-installation with the card in worked . I am upto the point where Mr Kevin is. Which is my custom ppp/peer configuration files are working but if I do it through uplink my manual configuration is getting overwritten by the defaults.

Kevin, Did you by any chance had a solution for your issue ? if so can you share the secret please.
(0001419)
cgirda   
2008-07-07 18:30   
Fish, Did you happen to find any solution to retain your customization ?