[T106][ZXW-22]7520V3SCV2.01.01.02P42U09_VEC_V0.8_AP_VEC origin source commit
Change-Id: Ic6e05d89ecd62fc34f82b23dcf306c93764aec4b
diff --git a/ap/app/pppd/scripts/README b/ap/app/pppd/scripts/README
new file mode 100644
index 0000000..00e032c
--- /dev/null
+++ b/ap/app/pppd/scripts/README
@@ -0,0 +1,143 @@
+This directory contains a set of scripts which have been used on Linux
+as well as Solaris 2.x systems to initiate or maintain a connection
+with PPP. The files in this directory were contributed by Al Longyear
+(longyear@netcom.com) and Adi Masputra (adi.masputra@sun.com)
+
+------------------------------------------------------------------------
+
+1. README
+
+This file. You are reading it. It is just documentation.
+
+------------------------------------------------------------------------
+
+2. ppp-on
+
+This script will initiate a connection to the PPP system. It will run
+the chat program with the connection script as a parameter. This is a
+possible security hole. However, it is simple. It is meant to replace
+the previous version of ppp-on which was not very functional.
+
+The ppp-on script has entries for the account name, password, IP
+addresses, and telephone numbers. The parameters are passed to the
+pppd process and, then in turn, to the second part of the connect
+script, as a set of environment variables.
+
+Please make sure that you put the full path name to the ppp-on-dialer
+script in the reference to it in ppp-on.
+
+------------------------------------------------------------------------
+
+3. ppp-on-dialer
+
+This is the second part to the simple calling script, ppp-on. It
+executes the chat program to connect the user with a standard UNIX
+style getty/login connection sequence.
+
+------------------------------------------------------------------------
+
+4. callback
+
+This script may be used in lieu of the ppp-on-dialer to permit the
+common modem callback sequence. You may need to make changes to the
+expected prompt string for the modem.
+
+The script works by disabling the system's detection of the DCD
+condition and working on the modem status message "NO CARRIER" which
+is generated when the modem disconnects.
+
+It is crude. It does work for my modem connection. Use as you see fit.
+
+------------------------------------------------------------------------
+
+5. redialer
+
+The redialer script is a replacement for the ppp-on-dialer script. It
+will do 'attack dialing' or 'demon dialing' of one or more telephone
+numbers. The first number which responds will be used for a
+connection.
+
+There is a limit of ten attempts and a 15 second delay between dialing
+attempts. Both values are set in the script.
+
+------------------------------------------------------------------------
+
+6. ppp-off
+
+This is a script which will terminate the active ppp connection. Use
+as either "ppp-off" to terminate ppp0, or "ppp-off <device>" to
+terminate the connection on <device>. For example, "ppp-off ppp2" will
+terminate the ppp2 connection.
+
+------------------------------------------------------------------------
+
+7. secure-card
+
+This script was written by Jim Isaacson <jcisaac@crl.com>. It is a script
+for the 'expect' programming language used with Tcl. You need to have
+expect and Tcl installed before this script may be used.
+
+This script will operate with a device marketed under the name "SecureCARD".
+This little device is mated with its controller. On the credit card size
+device, there is a sequence number which changes on a random basis. In order
+for you to connect you need to enter a fixed portion of your account name
+and the number which is displayed on this card device. The number must match
+the value at the controller in order for the account name to be used.
+
+The problem is that chat uses fixed response strings. In addition, the
+timing for running the script may prevent the use of a script that reads the
+value before it starts the dial sequence. What was needed was a script which
+asked the user at the user's console at the time that it is needed.
+
+This led to the use of expect.
+
+------------------------------------------------------------------------
+
+8. ppp-on-rsh
+
+This script will initiate a PPP connection to a remote machine using rsh.
+This is implemented by creating a master/slave pseudo-tty with the slave
+pointing to rsh, specifically with the 'pty' and 'notty' options of pppd.
+It is assumed that the remote machine contains some sort of trust
+mechanisms (such as ~/.rhosts, et al) to allow the local machine to
+connect via rsh as root.
+
+------------------------------------------------------------------------
+
+9. ppp-on-ssh
+
+This script will initiate a PPP connection to a remote machine using the
+secure shell, or ssh. I've only tested this on ssh 1.x, so those of you
+who are running ssh 2.x mahy need to modify the ssh options slightly.
+This is implemented by creating a master/slave pseudo-ttyt with the slave
+pointing to ssh, specifically with the 'pty' and 'notty' options of pppd.
+It is assumed that the remote machine can accept the ssh connection from
+the local host, in the sense that all ssh authentication mechanisms have
+been properly configured, so that a remote root user can open a ssh
+connection.
+
+------------------------------------------------------------------------
+
+10. options-rsh-loc & options-rsh-rem
+
+These options files accompany the ppp-on-rsh script mentioned above. In
+theory, you'd want to copy the options-rsh-rem to the remote machine where
+in.rshd is running. The only extra option required on the remote machine
+options file is the 'notty' option. In addition, all ASCII control characters
+[0x00 to 0x1f], plus 0xff, are escaped. This may need to be modified
+depending on the rsh (or pseudo-tty) implementation which may differ across
+platforms, for further optimizations.
+
+------------------------------------------------------------------------
+
+11. options-ssh-loc & options-ssh-rem
+
+These options files accompany the ppp-on-ssh script mentioned above. I've
+only tested this on ssh 1.x, so those of you who are running ssh 2.x need
+to modify the ssh options slightly. In theory, you'd want to copy the
+options-ssh-rem to the remote machine where sshd daemon is running. The only
+extra options required on the remote machine options file is the 'notty'
+option. In addition, all ASCII control characters [0x00 to 0x1f], plus 0xff,
+are escaped. This may need to be modified depending on the ssh (or
+pseudo-tty) implementation which may differ across platforms, for further
+optimizations.
diff --git a/ap/app/pppd/scripts/autopppd b/ap/app/pppd/scripts/autopppd
new file mode 100644
index 0000000..0730ef6
--- /dev/null
+++ b/ap/app/pppd/scripts/autopppd
@@ -0,0 +1,160 @@
+#!/usr/bin/perl -w
+
+# Auto dial script by Brian May <bam@snoopy.apana.org.au>
+
+use Proc::Daemon;
+use strict;
+use Sys::Syslog qw(:DEFAULT setlogsock); # default set, plus setlogsock
+use Proc::WaitStat qw(:DEFAULT waitstat);
+
+
+Proc::Daemon::Init;
+open(PIDFILE,">/var/run/autopppd.pid");
+print(PIDFILE "$$");
+close(PIDFILE);
+
+sub toseconds($) {
+ my ($hours,$minutes,$seconds) = split(/:/,shift);
+ return ($hours*60+$minutes)*60+$seconds;
+}
+
+sub dseconds($) {
+ my ($total) = @_;
+
+ my $seconds = $total % 60; $total = ($total - $seconds)/60;
+ my $minutes = $total % 60; $total = ($total - $minutes)/60;
+ my $hours = $total % 24; $total = ($total - $hours)/24;
+ my $days = $total;
+ if ($days > 0) {
+ return(sprintf("%d-%02d:%02d:%02d",$days,$hours,$minutes,$seconds));
+ } else {
+ return(sprintf("%02d:%02d:%02d",$hours,$minutes,$seconds));
+ }
+}
+
+my $program="autopppd";
+
+setlogsock('unix');
+openlog($program, 'cons,pid', 'daemon');
+
+my $pppd_start_time;
+my $pppd_end_time;
+my $pppd_run_time;
+my $pppd_fail;
+my $delay=0;
+my $idelay=0;
+
+my @delays = (
+ toseconds("00:01:00"), # 1 minute
+ toseconds("00:07:00"), # 8 minutes
+ toseconds("00:07:00"), # 15 minutes
+ toseconds("00:15:00"), # 30 minutes
+ toseconds("00:30:00"), # 1 hour
+ toseconds("01:00:00"), # 2 hours
+ toseconds("01:00:00"), # 3 hours
+ toseconds("03:00:00"), # 6 hours
+ toseconds("06:00:00"), # 12 hours
+ toseconds("12:00:00"), # 24 hours
+ toseconds("24:00:00") # 48 hours
+ );
+
+# action == 0 => immediate retry (!FIXME! needs to have some delay)
+# action == 1 => delayed retry
+# action == 2 => abort
+
+my $code = {
+ 0 => { message=>"pppd detached", action=> 2 },
+ 1 => { message=>"fatal error", action=> 2 },
+ 2 => { message=>"options error", action=> 2 },
+ 3 => { message=>"not setuid-root error", action=> 2 },
+ 4 => { message=>"no kernel support for PPP", action=> 2 },
+ 5 => { message=>"SIGINT or SIGTERM or SIGHUP", action=> 1 },
+ 6 => { message=>"Serial port locked", action=> 1 }, # should be 0
+ 7 => { message=>"Serial port open error", action=> 1 },
+ 8 => { message=>"Connect failed", action=> 1 },
+ 9 => { message=>"Could not execute pty command", action=> 1 },
+ 10 => { message=>"PPP negotiation failed", action=> 1 },
+ 11 => { message=>"Peer failed to authenticate", action=> 1 },
+ 12 => { message=>"Link was idle", action=> 1 },
+ 13 => { message=>"Time limit exceeded", action=> 1 },
+ 14 => { message=>"call back not implemented", action=> 2 },
+ 15 => { message=>"peer not responding", action=> 1 },
+ 16 => { message=>"modem hang up", action=> 1 },
+ 17 => { message=>"Serial loopback detected", action=> 1 },
+ 18 => { message=>"Init script failed", action=> 1 },
+ 19 => { message=>"We failed to authenticate", action=> 1 },
+};
+
+while (1)
+{
+ $pppd_start_time=time;
+ syslog('info', 'restarting pppd');
+
+ # logging sometimes stopped working after ppp was running for
+ # some time. lets see if closing and reopening the log file helps...
+ closelog();
+
+ # run ppp
+ my $rc=system("pppd","-detach",@ARGV);
+
+ # reopon log file
+ openlog($program, 'cons,pid', 'daemon');
+
+ # calculate run time
+ $pppd_end_time=time;
+ $pppd_run_time=$pppd_end_time-$pppd_start_time;
+
+ my $pppd_code = ($? >> 8);
+ my $pppd_signal = $? & 127;
+ my $pppd_coredump = $? & 128;
+
+ $pppd_fail = 1;
+ if ($pppd_signal != 0) {
+ if ($pppd_coredump)
+ { syslog('err',"pppd died with signal $pppd_signal, coredump"); }
+ else
+ { syslog('err',"pppd died with signal $pppd_signal"); }
+ }
+ elsif ($pppd_coredump) {
+ syslog('err',"pppd died with coredump");
+ }
+ elsif (defined($code->{$pppd_code}) && $code->{$pppd_code}{"action"} == 0) {
+ syslog('err', "pppd returned: ".$code->{$pppd_code}{"message"}." ($pppd_code), immediate retry");
+ $pppd_fail = 0;
+ }
+ elsif (defined($code->{$pppd_code}) && $code->{$pppd_code}{"action"} == 1) {
+ syslog('err', "pppd returned: ".$code->{$pppd_code}{"message"}." ($pppd_code), delayed retry");
+ $pppd_fail = 1;
+ }
+ elsif (defined($code->{$pppd_code}) && $code->{$pppd_code}{"action"} >= 2) {
+ syslog('err', "pppd returned: ".$code->{$pppd_code}{"message"}." ($pppd_code), aborting");
+ exit(255);
+ }
+ elsif (defined($code->{$pppd_code}) && $code->{$pppd_code}{"action"} >= 2) {
+ syslog('err', "pppd returned: unknown error ($pppd_code), delayed retry");
+ $pppd_fail = 1;
+ }
+ # if it hasn't ran for at least an hour, then somthing went wrong
+ elsif ($pppd_run_time < toseconds("01:00:00")) {
+ syslog('err',"pppd session didn't last 1 hour, delayed retry");
+ $pppd_fail = 1;
+ }
+ else { $pppd_fail = 0; }
+
+ # if not failed, then reset delay.
+ if (!$pppd_fail) { $idelay = 0; }
+
+ # get next delay.
+ $delay = $delays[$idelay];
+
+ # log statistics.
+ syslog('info',"rc=".waitstat($rc)." runtime=".dseconds($pppd_run_time)." delay[$idelay]=".dseconds($delay)."");
+
+ # delay for desired time.
+ sleep($delay);
+
+ # increment delay for next time.
+ if (defined($delays[$idelay+1])) { $idelay++; }
+}
+
+closelog();
diff --git a/ap/app/pppd/scripts/callback b/ap/app/pppd/scripts/callback
new file mode 100644
index 0000000..1c3d3aa
--- /dev/null
+++ b/ap/app/pppd/scripts/callback
@@ -0,0 +1,77 @@
+#!/bin/sh
+###################################################################
+#
+# Script to dial the remote system, negotiate the connection, and send
+# it the id. Then wait for the modem to disconnect. Reset the modem
+# to answer mode and wait for the system to call back.
+#
+# The telephone number and modempass are used when establishing the
+# connection to the modem.
+#
+PHONE=555-1212
+MODEMPASS=modem_identifier
+#
+# Once the modem calls back, the account name and password are used for
+# a UNIX style login operation.
+#
+ACCOUNT=my_account_name
+PASSWORD=my_password
+
+###################################################################
+#
+# Step 1. Dial the modem and negotiate the initial dialog.
+# note: the modem is configured to ignore loss of DCD at this point.
+# it is important that this be performed because the loss of DCD
+# will normally prevent system from working since 'modem' is used
+# for pppd.
+#
+# The script is terminated normally when the carrier is lost.
+#
+chat -v \
+ TIMEOUT 3 \
+ ABORT '\nBUSY\r' \
+ ABORT '\nNO ANSWER\r' \
+ ABORT '\nRINGING\r\n\r\nRINGING\r' \
+ '' AT \
+ 'OK-+++\c-OK' 'AT&C0&D2S0=0H0' \
+ TIMEOUT 30 \
+ OK ATDT$TELEPHONE \
+ CONNECT '' \
+ assword: $MODEMPASS \
+ "\nNO CARRIER\r"
+
+if [ "$?" = "0" ]; then
+
+###################################################################
+#
+# Step 2. Wait for the call back from the remote. This will wait for at most
+# 30 seconds for the call back should the first attempt fail or
+# something happen with the callback logic at the remote.
+#
+# note: when the callback occurs, the DCD setting is re-enabled.
+#
+# If some voice call should happen during this period, the system will
+# answer the telephone and then hang up on them. I realize that this is
+# rude, but there is little that this script can do.
+#
+ chat -v \
+ TIMEOUT 30 \
+ ABORT '\nVOICE\r' \
+ '\nRING\r' 'AT&C1A' \
+ CONNECT '' \
+ TIMEOUT 10 \
+ ogin:--ogin: $ACCOUNT \
+ TIMEOUT 45 \
+ assword: $PASSWORD
+
+ if [ "$?" = "0" ]; then
+ exit 0
+ fi
+fi
+
+###################################################################
+#
+# The script has failed. Terminate the connection mode.
+#
+chat -v TIMEOUT 3 "" AT 'OK-+++\c-OK' 'AT&C1&D2S0=0H0' OK
+exit 1
diff --git a/ap/app/pppd/scripts/chat-callback b/ap/app/pppd/scripts/chat-callback
new file mode 100644
index 0000000..d014d6a
--- /dev/null
+++ b/ap/app/pppd/scripts/chat-callback
@@ -0,0 +1,98 @@
+# =====================================================================================
+# Chat script to dial our Company PPP account.
+# They uses a call-back system to identify us and to reverse
+# charge the call cost.
+# =====================================================================================
+#
+ECHO OFF
+# All the usual abort strings
+ABORT "NO CARRIER"
+ABORT "VOICE"
+ABORT "BUSY"
+ABORT "NO DIALTONE"
+ABORT "NO ANSWER"
+#
+# If calling outside allowed time we get this:
+#
+ABORT "Access denied"
+#
+# Modem initialisation stuff
+#
+TIMEOUT 5
+SAY "Initialising modem ...\n"
+'' ATE1
+'OK\r\n' ATS0=1S11=60X4&K4S42.1=1
+#
+# Now dial our ISP and wait for connection
+#
+SAY "Dialling our ISP ...\n"
+'OK\r\n' ATDT09834657
+TIMEOUT 60
+CONNECT \c
+SAY "Connected ...\n"
+#
+# This is the first stage login, we identify ourself so that the remote
+# system will agree to call us back.
+#
+TIMEOUT 30
+SAY "Sending Callback login ID ...\n"
+name:-BREAK-name: callme
+#
+# From now on, we must assume no carrier is normal as well
+# as receiving a HANGUP signal because it will be the
+# case if our ISP clears the call to call us back.
+#
+CLR_ABORT "NO CARRIER"
+HANGUP OFF
+#
+ABORT "Invalid"
+#
+# Now send password and wait to see what happens
+#
+SAY "Sending Callback password ...\n"
+word:--word: xvsgsgs
+"You will be" \c
+#
+# What can happen now is:
+# either: we get "You will be called back..." which is the successful case
+# or: we get "Invalid login" and we abort (bad login ID or password)
+# or: we get "NO CARRIER" because of an error, this will not abort
+# and we will time out after 30 seconds
+# or: we get nothing and we will time out after 30 seconds
+#
+#
+# We reach here if we got "You will be called back..."
+#
+CLR_ABORT "Invalid"
+SAY "Now waiting for Call back ...\n"
+#
+# The remote system will now hangup and we will get both "NO CARRIER"
+# and a hangup signal which are ignored. We now wait for a connection
+# for up to 120 seconds. What happens here if somebody else calls before
+# the remote system is a bit dangerous:
+#
+# If a malicious user connects and says 'name:', he will see 'PPPuser'
+# If he then says 'word:' he will see the passowrd 'blipblop'. I may not
+# know to which systems these belong to, though. It is up to you to consider
+# that case and decide wether the risk is too big or not ....
+#
+TIMEOUT 120
+"CONNECT" \c
+#
+# We have been called, re-arm ABORT on NO CARRIER and normal hangup signal
+# behaviour
+#
+HANGUP ON
+ABORT "NO CARRIER"
+#
+# Second stage login in order to start PPP
+#
+SAY "Remote system called back, logging in ...\n"
+SAY "Sending login ID ...\n"
+name:-BREAK-name: PPPuser
+SAY "Sending password ...\n"
+word:--word: blipblop
+SAY "Asking to start PPP ...\n"
+'CnetSrv' "ppp default"
+"Entering PPP mode" \c
+SAY "ISP PPP started ...\n"
diff --git a/ap/app/pppd/scripts/chatchat/README b/ap/app/pppd/scripts/chatchat/README
new file mode 100644
index 0000000..88a4c69
--- /dev/null
+++ b/ap/app/pppd/scripts/chatchat/README
@@ -0,0 +1,134 @@
+v 0.1 gpk@onramp.net 3/27/99
+
+I Intro
+
+ This document covers the use of the modified "chat" program and its
+adjunct "chatchat" to login using the Security Dynamics SecurID card
+on a linux system.
+
+ This set of files comprises a modified version of the chat program
+(the one distributed with ppp-2.3.5) and a new program called chatchat
+that allows you to supply data from the keyboard to the chat program.
+
+ The SecurID card generates passwords that have a lifetime of one
+minute and are used as a first layer in dial up security. The only
+software I know of for this card is for windows, so I wrote my own.
+This software allows you to type in the time-sensitive password right
+when your chat script is asked to supply the passcode by the remote
+system.
+
+
+II How It Works
+
+ This version of chat his an additional command that can be put into
+its options that says "Don't reply with this string. Open this pipe,
+read the contents, and reply with that instead." Chatchat creates a
+pipe and lets you type your passcode into it, then chat picks that up
+and sends it out just as though the passcode was hardcoded into the
+options.
+
+
+III Installation
+
+ I've provided intel binaries and source code the the modified chat
+program and the chatchat program. I'll recommend that you copy the
+chat.c program into your ppp-2.3.5/chat directory (save your original
+chat.c program first!) and re-make it using the Makefile that comes
+with chat. Copy the new chat somewhere into your path. (On my system
+chat lives in /usr/sbin/chat, so I've copied the modified one into
+/usr/sbin/chat.new and changed my dial in script to call chat.new
+instead of chat.
+
+ Second, compile chatchat.c and install it somewhere in your path:
+
+ gcc -g -o chatchat chatchat.c
+ cp chatchat /usr/sbin
+
+ Third, modify your chat script to use the chatchat program. Mine
+looks something like this:
+
+
+ --------------------
+
+#!/bin/sh
+#
+# This is part 2 of the ppp-on script. It will perform the connection
+# protocol for the desired connection.
+# use atm0 to turn down the speaker volume on my sportster x2 voice modem
+# gpk 11/2/97
+
+exec /usr/sbin/chat.new -V -v \
+ ABORT "BUSY" \
+ ABORT "NO DIAL TONE" \
+ ABORT "NO ANSWER" \
+ TIMEOUT 50 \
+ "" "atm0" \
+ OK ATDT$TELEPHONE \
+ CONNECT '' \
+ name: \\da0xxxxxx \
+ word: @/var/tmp/p \
+ compress. ''
+
+
+ -----------------------
+
+ This is a standard chat script:
+
+* abort if the modem is busy, you don't get a dial tone, no one
+ answers, or 50 seconds elapses.
+
+* use atm0 to mute the modem
+
+* dial the modem, when it connects, wait to be asked for account name
+
+* when we see "name:" prompt, delay briefly then respond with your
+ account name (fill in your account name)
+
+Now we get to the new stuff:
+
+* when we see "word:" in the password prompt, instead of responding
+ with "@/var/tmp/p", the modified chat program will open the pipe
+ /var/tmp/p, read the passcode out of there, and send it
+
+* when we see "compress." (the last word before ppp starts), reply
+ with nothing. The script ends and we start ppp.
+
+Note:
+
+* Make sure there is some whitespace between the filename and the \.
+
+
+IV Usage
+
+ To use this install the modified chat and chatchat programs, and
+modify your chat script similar to the above. Before you dial in,
+start that chatchat program giving it the same pipe as in your config
+file. In the above case:
+
+chatchat /var/tmp/p
+
+ Wait until you have one or two tick marks left on your card's
+current number, then start your dial up process that eventually calls
+chat. When chat goes to open and read the pipe, chatchat will prompt:
+
+
+type PIN into SecurID card and
+ enter resulting passcode:
+
+ At that point, type your PIN number into your Securid card, press
+the diamond, and type the resulting numbers in as your passcode. If
+you've left the -V -v options on your chat command you'll see
+everything so out, otherwise it works silently.
+
+ If you type the number wrong or run out of time, the server will
+respond with an authentication failure. In that case you will have to
+hang up and start again. I don't know how to build a conditional script
+that says either expect "compress" next, but if you see "name:" again,
+do this instead.
+
+
+V Additional Information
+
+ You can obtain additional information about chat and ppp from the
+man pages for chat and pppd, as well as the PPP-HOWTO.
+
diff --git a/ap/app/pppd/scripts/chatchat/chatchat.c b/ap/app/pppd/scripts/chatchat/chatchat.c
new file mode 100644
index 0000000..4534fb9
--- /dev/null
+++ b/ap/app/pppd/scripts/chatchat/chatchat.c
@@ -0,0 +1,409 @@
+/* *************************************************************************
+* NAME: chatchat.c
+*
+* DESCRIPTION:
+*
+* This program creates a pipe for the chat process to read. The user
+* can supply information (like a password) that will be picked up
+* by chat and sent just like the regular contents of a chat script.
+*
+* Usage is:
+*
+* chatchat <filename>
+*
+* where <filename> matches the option given in the chat script.
+*
+* for instance the chat script fragment:
+*
+* ...
+* name: \\dmyname \
+* word: @/var/tmp/p \
+* ...
+* ^
+* (note: leave some whitespace after the filename)
+*
+* expect "name:", reply with a delay followed by "myname"
+* expect "word:", reply with the data read from the pipe /var/tmp/p
+*
+* the matching usage of chatchat would be:
+*
+* chatchat /var/tmp/p
+*
+* eg:
+*
+* $chatchat /var/tmp/p
+* ...
+* some other process eventually starts:
+* chat ...
+* chat parses the "@/var/tmp/p" option and opens
+* /var/tmp/p
+* (chatchat prompts:)
+*
+* type PIN into SecurID card
+* enter resulting passcode: [user inputs something]
+*
+* chat reads /var/tmp/p & gets what the
+* user typed at chatchat's "enter string" prompt
+* chat removes the pipe file
+* chat sends the user's input as a response in
+* place of "@/var/tmp/p"
+*
+* PROCESS:
+*
+* gcc -g -o chatchat chatchat.c
+*
+*
+* GLOBALS: none
+*
+* REFERENCES:
+*
+* see the man pages and documentation that come with the 'chat' program
+* (part of the ppp package). you will need to use the modified chat
+* program that accepts the '@' operator.
+*
+* LIMITATIONS:
+*
+* REVISION HISTORY:
+*
+* STR Description Author
+*
+* 23-Mar-99 initial coding gpk
+* 12-May-99 unlink the pipe after closing paulus
+*
+* TARGET: ANSI C
+* This program is in the public domain.
+*
+*
+* ************************************************************************* */
+
+
+
+
+#include <sys/time.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <string.h>
+
+/* MAXINPUT - the data typed into chatchat must be fewer */
+/* characters than this. */
+
+#define MAXINPUT 80
+
+
+
+
+
+
+/* *************************************************************************
+
+
+ NAME: main
+
+
+ USAGE:
+
+ int argc;
+ char * argv[];
+
+ main(argc, argv[]);
+
+ returns: int
+
+ DESCRIPTION:
+ if the pipe file name is given on the command line,
+ create the pipe, prompt the user and put whatever
+ is typed into the pipe.
+
+ returns -1 on error
+ else # characters entered
+ REFERENCES:
+
+ LIMITATIONS:
+
+ GLOBAL VARIABLES:
+
+ accessed: none
+
+ modified: none
+
+ FUNCTIONS CALLED:
+
+ REVISION HISTORY:
+
+ STR Description of Revision Author
+
+ 25-Mar-99 initial coding gpk
+
+ ************************************************************************* */
+
+int main(int argc, char * argv[])
+{
+ int retval;
+
+ int create_and_write_pipe(char * pipename);
+
+ if (argc != 2)
+ {
+ fprintf(stderr, "usage: %s pipename\n", argv[0]);
+ retval = -1;
+ }
+ else
+ {
+ retval = create_and_write_pipe(argv[1]);
+ }
+ return (retval);
+}
+
+
+
+
+/* *************************************************************************
+
+
+ NAME: create_and_write_pipe
+
+
+ USAGE:
+
+ int some_int;
+ char * pipename;
+
+ some_int = create_and_write_pipe(pipename);
+
+ returns: int
+
+ DESCRIPTION:
+ given the pipename, create the pipe, open it,
+ prompt the user for a string to put into the
+ pipe, write the string, and close the pipe
+
+ on error, print out an error message and return -1
+
+ returns -1 on error
+ else #bytes written into the pipe
+ REFERENCES:
+
+ LIMITATIONS:
+
+ GLOBAL VARIABLES:
+
+ accessed: none
+
+ modified: none
+
+ FUNCTIONS CALLED:
+
+ REVISION HISTORY:
+
+ STR Description of Revision Author
+
+ 25-Mar-99 initial coding gpk
+ 12-May-99 remove pipe after closing paulus
+
+ ************************************************************************* */
+
+int create_and_write_pipe(char * pipename)
+{
+ int retval, created, pipefd, nread, nwritten;
+ char input[MAXINPUT];
+ char errstring[180];
+
+ int create_pipe(char * pipename);
+ int write_to_pipe(int pipefd, char * input, int nchar);
+
+ created = create_pipe(pipename);
+
+ if (-1 == created)
+ {
+ sprintf(errstring, "unable to create pipe '%s'", pipename);
+ perror(errstring);
+ retval = -1;
+ }
+ else
+ {
+
+ /* note: this open won't succeed until chat has the pipe */
+ /* open and ready to read. this makes for nice timing. */
+
+ pipefd = open(pipename, O_WRONLY);
+
+ if (-1 == pipefd)
+ {
+ sprintf(errstring, "unable to open pipe '%s'", pipename);
+ perror(errstring);
+ retval = -1;
+ }
+ else
+ {
+ fprintf(stderr, "%s \n %s",
+ "type PIN into SecurID card and",
+ "enter resulting passcode:");
+ nread = read(STDIN_FILENO, (void *)input, MAXINPUT);
+
+
+ if (0 >= nread)
+ {
+ perror("unable to read from stdin");
+ retval = -1;
+ }
+ else
+ {
+ /* munch off the newline character, chat supplies */
+ /* a return when it sends the string out. */
+ input[nread -1] = 0;
+ nread--;
+ nwritten = write_to_pipe(pipefd, input, nread);
+ /* printf("wrote [%d]: '%s'\n", nwritten, input); */
+ retval = nwritten;
+ }
+ close(pipefd);
+
+ /* Now make the pipe go away. It won't actually go away
+ completely until chat closes it. */
+ if (unlink(pipename) < 0)
+ perror("Warning: couldn't remove pipe");
+ }
+ }
+ return(retval);
+}
+
+
+
+
+
+
+
+/* *************************************************************************
+
+
+ NAME: create_pipe
+
+
+ USAGE:
+
+ int some_int;
+ char * pipename;
+
+ some_int = create_pipe(pipename);
+
+ returns: int
+
+ DESCRIPTION:
+ create a pipe of the given name
+
+ if there is an error (like the pipe already exists)
+ print an error message and return
+
+ return -1 on failure else success
+
+ REFERENCES:
+
+ LIMITATIONS:
+
+ GLOBAL VARIABLES:
+
+ accessed: none
+
+ modified: none
+
+ FUNCTIONS CALLED:
+
+ REVISION HISTORY:
+
+ STR Description of Revision Author
+
+ 25-Mar-99 initial coding gpk
+
+ ************************************************************************* */
+
+int create_pipe(char * pipename)
+{
+ mode_t old_umask;
+ int created;
+
+ /* hijack the umask temporarily to get the mode I want */
+ /* on the pipe. */
+
+ old_umask = umask(000);
+
+ created = mknod(pipename, S_IFIFO | S_IRWXU | S_IWGRP | S_IWOTH,
+ (dev_t)NULL);
+
+ /* now restore umask. */
+
+ (void)umask(old_umask);
+
+ if (-1 == created)
+ {
+ perror("unable to create pipe");
+ }
+
+ return(created);
+}
+
+
+
+
+
+
+/* *************************************************************************
+
+
+ NAME: write_to_pipe
+
+
+ USAGE:
+
+ int some_int;
+ int pipefd;
+ char * input;
+ int nchar;
+
+ some_int = write_to_pipe(pipefd, input, nchar);
+
+ returns: int
+
+ DESCRIPTION:
+ write nchars of data from input to pipefd
+
+ on error print a message to stderr
+
+ return -1 on error, else # bytes written
+ REFERENCES:
+
+ LIMITATIONS:
+
+ GLOBAL VARIABLES:
+
+ accessed: none
+
+ modified: none
+
+ FUNCTIONS CALLED:
+
+ REVISION HISTORY:
+
+ STR Description of Revision Author
+
+ 25-Mar-99 initial coding gpk
+ 12-May-99 don't write count word first paulus
+
+ ************************************************************************* */
+
+int write_to_pipe(int pipefd, char * input, int nchar)
+{
+ int nwritten;
+
+ /* nwritten = write(pipefd, (void *)&nchar, sizeof(nchar)); */
+ nwritten = write(pipefd, (void *)input, nchar);
+
+ if (-1 == nwritten)
+ {
+ perror("unable to write to pipe");
+ }
+
+ return(nwritten);
+}
diff --git a/ap/app/pppd/scripts/ip-down.local.add b/ap/app/pppd/scripts/ip-down.local.add
new file mode 100644
index 0000000..b93590e
--- /dev/null
+++ b/ap/app/pppd/scripts/ip-down.local.add
@@ -0,0 +1,20 @@
+
+#
+# This sample code shows you one way to modify your setup to allow automatic
+# configuration of your resolv.conf for peer supplied DNS addresses when using
+# the `usepeerdns' option.
+#
+# In my case I just added this to my /etc/ppp/ip-down.local script. You may need to
+# create an executable script if one does not exist.
+#
+# Nick Walker (nickwalker@email.com)
+#
+
+if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
+ if [ -f /etc/ppp/resolv.prev ]; then
+ cp -f /etc/ppp/resolv.prev /etc/resolv.conf
+ else
+ rm -f /etc/resolv.conf
+ fi
+fi
+
diff --git a/ap/app/pppd/scripts/ip-up.local.add b/ap/app/pppd/scripts/ip-up.local.add
new file mode 100644
index 0000000..8017209
--- /dev/null
+++ b/ap/app/pppd/scripts/ip-up.local.add
@@ -0,0 +1,24 @@
+
+#
+# This sample code shows you one way to modify your setup to allow automatic
+# configuration of your resolv.conf for peer supplied DNS addresses when using
+# the `usepeerdns' option.
+#
+# In my case I just added this to my /etc/ppp/ip-up.local script. You may need to
+# create an executable script if one does not exist.
+#
+# Nick Walker (nickwalker@email.com)
+#
+
+if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
+ rm -f /etc/ppp/resolv.prev
+ if [ -f /etc/resolv.conf ]; then
+ cp /etc/resolv.conf /etc/ppp/resolv.prev
+ grep domain /etc/ppp/resolv.prev > /etc/resolv.conf
+ grep search /etc/ppp/resolv.prev >> /etc/resolv.conf
+ cat /etc/ppp/resolv.conf >> /etc/resolv.conf
+ else
+ cp /etc/ppp/resolv.conf /etc
+ fi
+fi
+
diff --git a/ap/app/pppd/scripts/ipv6-down.sample b/ap/app/pppd/scripts/ipv6-down.sample
new file mode 100644
index 0000000..bf31574
--- /dev/null
+++ b/ap/app/pppd/scripts/ipv6-down.sample
@@ -0,0 +1,31 @@
+#!/bin/sh
+#
+# This script is called with the following parameters:
+# interface tty speed local-address remote-address ipparam
+#
+
+
+# Kill the router advertisement daemon on this interface.
+# The killing procedure is copied from RedHat 6.0 initscripts.
+
+DEVICE="$1"
+
+PIDFILE="/var/run/radvd-$DEVICE.pid"
+
+[ -f "$PIDFILE" ] || exit 0
+
+PID="$(cat "$PIDFILE")"
+if [ "$PID" != "" ]; then
+ if ps h "$PID" >/dev/null 2>&1; then
+ kill -TERM "$PID"
+ usleep 10000
+ if ps h "$PID" >/dev/null 2>&1; then
+ sleep 1
+ if ps h "$PID" >/dev/null 2>&1; then
+ kill -KILL "$PID"
+ fi
+ fi
+ fi
+fi
+
+rm -f "$PIDFILE"
diff --git a/ap/app/pppd/scripts/ipv6-up.sample b/ap/app/pppd/scripts/ipv6-up.sample
new file mode 100644
index 0000000..0974da9
--- /dev/null
+++ b/ap/app/pppd/scripts/ipv6-up.sample
@@ -0,0 +1,34 @@
+#!/bin/sh
+#
+# This script is called with the following parameters:
+# interface tty speed local-address remote-address ipparam
+#
+
+
+# Start router advertisements on this link.
+# Based on radvd 0.5.0 behaviour
+
+DEVICE="$1"
+
+CFGFILE="/etc/radvd.conf-$DEVICE"
+PIDFILE="/var/run/radvd-$DEVICE.pid"
+EXEFILE="/usr/sbin/radvd"
+
+if [ -x "$EXEFILE" -a -f "$CFGFILE" ]; then
+ touch "$PIDFILE"
+ if [ ! -f "$PIDFILE" ]; then
+ echo "error: $PIDFILE is not a regular file. Aborting"
+ exit 0
+ fi
+
+ PID="$(cat "$PIDFILE")"
+ if [ -n "$PID" ]; then
+ ps h "$PID" >/dev/null 2>&1 && exit 0
+ fi
+
+ # radvd 0.5.0 doesn't write a pid-file so we do it here
+ # enabling debugging keeps radvd in foreground, putting it
+ # on background gives us the PID.
+ "$EXEFILE" -d 1 -C "$CFGFILE" &
+ echo $! >"$PIDFILE"
+fi
diff --git a/ap/app/pppd/scripts/options-rsh-loc b/ap/app/pppd/scripts/options-rsh-loc
new file mode 100644
index 0000000..b015b87
--- /dev/null
+++ b/ap/app/pppd/scripts/options-rsh-loc
@@ -0,0 +1 @@
+debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1460
diff --git a/ap/app/pppd/scripts/options-rsh-rem b/ap/app/pppd/scripts/options-rsh-rem
new file mode 100644
index 0000000..4b10bb9
--- /dev/null
+++ b/ap/app/pppd/scripts/options-rsh-rem
@@ -0,0 +1 @@
+notty debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1460
diff --git a/ap/app/pppd/scripts/options-ssh-loc b/ap/app/pppd/scripts/options-ssh-loc
new file mode 100644
index 0000000..add03d6
--- /dev/null
+++ b/ap/app/pppd/scripts/options-ssh-loc
@@ -0,0 +1 @@
+debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1400
diff --git a/ap/app/pppd/scripts/options-ssh-rem b/ap/app/pppd/scripts/options-ssh-rem
new file mode 100644
index 0000000..d690722
--- /dev/null
+++ b/ap/app/pppd/scripts/options-ssh-rem
@@ -0,0 +1 @@
+notty debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1400
diff --git a/ap/app/pppd/scripts/plog b/ap/app/pppd/scripts/plog
new file mode 100644
index 0000000..84d2c73
--- /dev/null
+++ b/ap/app/pppd/scripts/plog
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if [ -s /var/log/ppp.log ]; then
+ exec tail "$@" /var/log/ppp.log
+else
+ exec tail "$@" /var/log/syslog | grep ' \(pppd\|chat\)\['
+fi
diff --git a/ap/app/pppd/scripts/poff b/ap/app/pppd/scripts/poff
new file mode 100644
index 0000000..659bfa7
--- /dev/null
+++ b/ap/app/pppd/scripts/poff
@@ -0,0 +1,104 @@
+#!/bin/sh
+
+# $Id: poff,v 1.1 2002/11/24 23:30:44 etbe Exp $
+# Written by John Hasler <john@dhh.gt.org> and based on work
+# by Phil Hands <phil@hands.com>. Distributed under the GNU GPL
+
+if [ -x /usr/bin/kill ]; then
+ KILL="/usr/bin/kill"
+else
+ KILL="/bin/kill"
+fi
+SIG=TERM
+DONE="stopped"
+MODE=""
+
+usage ()
+{
+ cat <<!EOF!
+usage: $0 [option] [provider]
+options:
+ -r Cause pppd to drop the line and redial.
+ -d Toggle the state of pppd's debug option.
+ -c Cause pppd to renegotiate compression.
+ -a Stop all pppd's. 'provider' will be ignored.
+ -h Print this help summary and exit.
+ -v Print version and exit.
+ none Stop pppd.
+
+Options may not be combined.
+
+If 'provider' is omitted pppd will be stopped or signalled if and only if
+there is exactly one running unless the '-a' option was given. If
+'provider' is supplied the pppd controlling the connection to that
+provider will be stopped or signalled.
+!EOF!
+}
+
+# Get option. If there are none replace the "?" that getopts puts in
+# FLAG on error with "null".
+getopts rdcavh FLAG
+if [ "$?" -ne 0 ]; then
+ FLAG="null"
+fi
+
+# Check for additional options. Should be none.
+getopts :rdcavh DUMMY
+if [ "$?" -eq 0 ]; then
+ echo "$0: Illegal option -- ${OPTARG}."
+ exit 1
+fi
+
+case $FLAG in
+ "r") SIG=HUP; DONE=signalled; shift ;;
+ "d") SIG=USR1; DONE=signalled; shift ;;
+ "c") SIG=USR2; DONE=signalled; shift ;;
+ "a") MODE="all"; shift ;;
+ "v") echo "$0$Revision: 1.1 $_TrickToPrint_RCS_Revision"; exit 0 ;;
+ "h") usage; exit 0 ;;
+ "?") exit 1;
+esac
+
+# Get the PIDs of all the pppds running. Could also get these from
+# /var/run, but pppd doesn't create .pid files until ppp is up.
+PIDS=`pidof pppd`
+
+# poff is pointless if pppd isn't running.
+if test -z "$PIDS"; then
+ echo "$0: No pppd is running. None ${DONE}."
+ exit 1
+fi
+
+# Find out how many pppd's are running.
+N=`echo "$PIDS" | wc -w`
+
+# If there are no arguments we can't do anything if there is more than one
+# pppd running.
+if test "$#" -eq 0 -a "$N" -gt 1 -a $FLAG != "a" ; then
+ echo "$0: More than one pppd running and no "-a" option and
+no arguments supplied. Nothing ${DONE}."
+ exit 1
+fi
+
+# If either there are no arguments or '-a' was specified kill all the
+# pppd's.
+if test "$#" -eq 0 -o "$MODE" = "all" ; then
+ $KILL -$SIG $PIDS || {
+ echo "$0: $KILL failed. None ${DONE}."
+ exit 1
+ }
+ exit 0
+fi
+
+# There is an argument, so kill the pppd started on that provider.
+PID=`ps axw | grep "[ /]pppd call $1 *\$" | awk '{print $1}'`
+if test -n "$PID" ; then
+ $KILL -$SIG $PID || {
+ echo "$0: $KILL failed. None ${DONE}."
+ exit 1
+ }
+else
+ echo "$0: I could not find a pppd process for provider '$1'. None ${DONE}."
+ exit 1
+fi
+exit 0
diff --git a/ap/app/pppd/scripts/pon b/ap/app/pppd/scripts/pon
new file mode 100644
index 0000000..ef47518
--- /dev/null
+++ b/ap/app/pppd/scripts/pon
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+PPP_ON_BOOT=/etc/ppp/ppp_on_boot
+
+case "$1" in
+ -*) echo "
+Usage: pon [provider] [arguments]
+
+If pon is invoked without arguments, $PPP_ON_BOOT file will be
+run, presuming it exists and is executable. Otherwise, a PPP connection
+will be started using settings from /etc/ppp/peers/provider.
+If you specify one argument, a PPP connection will be started using
+settings from the appropriate file in the /etc/ppp/peers/ directory, and
+any additional arguments supplied will be passed as extra arguments to
+pppd.
+"
+ exit 0
+ ;;
+esac
+
+if [ -z "$1" -a -x "$PPP_ON_BOOT" ]; then
+ exec "$PPP_ON_BOOT"
+fi
+
+if [ -z "$1" -a ! -f /etc/ppp/peers/provider ]; then
+ echo "
+Please configure /etc/ppp/peers/provider or use a command line argument to
+use another file in /etc/ppp/peers/ directory.
+"
+ exit 1
+fi
+
+if [ "$1" -a ! -f "/etc/ppp/peers/$1" ]; then
+ echo "
+The file /etc/ppp/peers/$1 does not exist.
+"
+ exit 1
+fi
+
+exec /usr/sbin/pppd call ${@:-provider}
diff --git a/ap/app/pppd/scripts/pon.1 b/ap/app/pppd/scripts/pon.1
new file mode 100644
index 0000000..8c27f83
--- /dev/null
+++ b/ap/app/pppd/scripts/pon.1
@@ -0,0 +1,120 @@
+.\" This manual is published under the GPL.
+.\" All guidelines specified in the GPL apply here.
+.\" To get an ascii file:
+.\" groff -man -Tascii pon.1 > pon.txt
+.\"
+.TH PON 1 "July 2000" "Debian Project" "Debian PPPD"
+.SH NAME
+pon, poff, plog \- starts up, shuts down or lists the log of PPP connections
+.SH SYNOPSIS
+.B pon
+[ isp\-name [ options ] ]
+.br
+.B poff
+[ \-r ] [ \-d ] [ \-c ] [ \-a ] [ \-h ] [ isp\-name ]
+.br
+.B plog
+[ arguments ]
+.SH DESCRIPTION
+This manual page describes the \fBpon\fP, \fBplog\fP and \fBpoff\fP
+scripts, which allow users to control PPP connections.
+..
+.SS pon
+\fBpon\fP, invoked without arguments, runs the \fI/etc/ppp/ppp_on_boot\fP
+file, if it exists and is executable. Otherwise, a PPP connection will be
+started using configuration from \fI/etc/ppp/peers/provider\fP.
+This is the default behaviour unless an \fBisp\-name\fP argument is given.
+.PP
+For instance, to use ISP configuration "myisp" run:
+.IP
+pon myisp
+.PP
+\fBpon\fP will then use the options file \fI/etc/ppp/peers/myisp\fP.
+You can pass additional \fBoptions\fP after the ISP name, too.
+\fBpon\fP can be used to run multiple, simultaneous PPP connections.
+..
+.SS poff
+\fBpoff\fP closes a PPP connection. If more than one PPP connection exists,
+the one named in the argument to \fBpoff\fP will be killed, e.g.
+.IP
+poff myprovider2
+.PP
+will terminate the connection to myprovider2, and leave the PPP connections
+to e.g. "myprovider1" or "myprovider3" up and running.
+.PP
+\fBpoff\fP takes the following command line options:
+.RS
+.TP
+.B "\-r"
+causes the connection to be redialed after it is dropped.
+.TP
+.B "\-d"
+toggles the state of pppd's debug option.
+.TP
+.B "\-c"
+causes
+.BR pppd (8)
+to renegotiate compression.
+.TP
+.B "\-a"
+stops all running ppp connections. If the argument \fBisp\-name\fP
+is given it will be ignored.
+.TP
+.B "\-h"
+displays help information.
+.TP
+.B "\-v"
+prints the version and exits.
+.PP
+If no argument is given, \fBpoff\fP will stop or signal pppd if and only
+if there is exactly one running. If more than one connection is active,
+it will exit with an error code of 1.
+..
+.SS plog
+\fBplog\fP shows you the last few lines of \fI/var/log/ppp.log\fP. If that
+file doesn't exist, it shows you the last few lines of your
+\fI/var/log/syslog\fP file, but excluding the lines not generated by pppd.
+This script makes use of the
+.BR tail (1)
+command, so arguments that can be passed to
+.BR tail (1)
+can also be passed to \fBplog\fP.
+.PP
+Note: the \fBplog\fP script can only be used by root or another system
+administrator in group "adm", due to security reasons. Also, to have all
+pppd-generated information in one logfile, that plog can show, you need the
+following line in your \fI/etc/syslog.conf\fP file:
+.PP
+local2.* \-/var/log/ppp.log
+.RE
+.SH FILES
+.TP
+.I /etc/ppp/options
+PPPd system options file.
+.TP
+.I /etc/ppp/pap\-secrets
+System PAP passwords file.
+.TP
+.I /etc/ppp/chap\-secrets
+System CHAP passwords file.
+.TP
+.I /etc/ppp/peers/
+Directory holding the peer options files. The default file is called
+\fIprovider\fP.
+.TP
+.I /etc/chatscripts/provider
+The chat script invoked from the default \fI/etc/ppp/peers/provider\fP.
+.TP
+.I /var/log/ppp.log
+The default PPP log file.
+.SH AUTHORS
+The p-commands were written by Christoph Lameter <clameter@debian.org>.
+Updated and revised by Philip Hands <phil@hands.com>.
+.br
+This manual was written by Othmar Pasteka <othmar@tron.at>. Modified
+by Rob Levin <lilo@openprojects.net>, with some extensions taken from
+the old p-commands manual written by John Hasler <jhasler@debian.org>.
+.SH "SEE ALSO"
+.BR pppd (8),
+.BR chat (8),
+.BR tail (1).
diff --git a/ap/app/pppd/scripts/ppp-off b/ap/app/pppd/scripts/ppp-off
new file mode 100644
index 0000000..a22b5ea
--- /dev/null
+++ b/ap/app/pppd/scripts/ppp-off
@@ -0,0 +1,34 @@
+#!/bin/sh
+######################################################################
+#
+# Determine the device to be terminated.
+#
+if [ "$1" = "" ]; then
+ DEVICE=ppp0
+else
+ DEVICE=$1
+fi
+
+######################################################################
+#
+# If the ppp0 pid file is present then the program is running. Stop it.
+if [ -r /var/run/$DEVICE.pid ]; then
+ kill -INT `cat /var/run/$DEVICE.pid`
+#
+# If the kill did not work then there is no process running for this
+# pid. It may also mean that the lock file will be left. You may wish
+# to delete the lock file at the same time.
+ if [ ! "$?" = "0" ]; then
+ rm -f /var/run/$DEVICE.pid
+ echo "ERROR: Removed stale pid file"
+ exit 1
+ fi
+#
+# Success. Let pppd clean up its own junk.
+ echo "PPP link to $DEVICE terminated."
+ exit 0
+fi
+#
+# The ppp process is not running for ppp0
+echo "ERROR: PPP link is not active on $DEVICE"
+exit 1
diff --git a/ap/app/pppd/scripts/ppp-on b/ap/app/pppd/scripts/ppp-on
new file mode 100644
index 0000000..ab79db4
--- /dev/null
+++ b/ap/app/pppd/scripts/ppp-on
@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# Script to initiate a ppp connection. This is the first part of the
+# pair of scripts. This is not a secure pair of scripts as the codes
+# are visible with the 'ps' command. However, it is simple.
+#
+# These are the parameters. Change as needed.
+TELEPHONE=555-1212 # The telephone number for the connection
+ACCOUNT=george # The account name for logon (as in 'George Burns')
+PASSWORD=gracie # The password for this account (and 'Gracie Allen')
+LOCAL_IP=0.0.0.0 # Local IP address if known. Dynamic = 0.0.0.0
+REMOTE_IP=0.0.0.0 # Remote IP address if desired. Normally 0.0.0.0
+NETMASK=255.255.255.0 # The proper netmask if needed
+#
+# Export them so that they will be available at 'ppp-on-dialer' time.
+export TELEPHONE ACCOUNT PASSWORD
+#
+# This is the location of the script which dials the phone and logs
+# in. Please use the absolute file name as the $PATH variable is not
+# used on the connect option. (To do so on a 'root' account would be
+# a security hole so don't ask.)
+#
+DIALER_SCRIPT=/etc/ppp/ppp-on-dialer
+#
+# Initiate the connection
+#
+# I put most of the common options on this command. Please, don't
+# forget the 'lock' option or some programs such as mgetty will not
+# work. The asyncmap and escape will permit the PPP link to work with
+# a telnet or rlogin connection. You are welcome to make any changes
+# as desired. Don't use the 'defaultroute' option if you currently
+# have a default route to an ethernet gateway.
+#
+exec /usr/sbin/pppd debug lock modem crtscts /dev/ttyS0 38400 \
+ asyncmap 20A0000 escape FF kdebug 0 $LOCAL_IP:$REMOTE_IP \
+ noipdefault netmask $NETMASK defaultroute connect $DIALER_SCRIPT
diff --git a/ap/app/pppd/scripts/ppp-on-dialer b/ap/app/pppd/scripts/ppp-on-dialer
new file mode 100644
index 0000000..7d66765
--- /dev/null
+++ b/ap/app/pppd/scripts/ppp-on-dialer
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# This is part 2 of the ppp-on script. It will perform the connection
+# protocol for the desired connection.
+#
+exec chat -v \
+ TIMEOUT 3 \
+ ABORT '\nBUSY\r' \
+ ABORT '\nNO ANSWER\r' \
+ ABORT '\nRINGING\r\n\r\nRINGING\r' \
+ '' \rAT \
+ 'OK-+++\c-OK' ATH0 \
+ TIMEOUT 30 \
+ OK ATDT$TELEPHONE \
+ CONNECT '' \
+ ogin:--ogin: $ACCOUNT \
+ assword: $PASSWORD
diff --git a/ap/app/pppd/scripts/ppp-on-rsh b/ap/app/pppd/scripts/ppp-on-rsh
new file mode 100644
index 0000000..30a50db
--- /dev/null
+++ b/ap/app/pppd/scripts/ppp-on-rsh
@@ -0,0 +1,72 @@
+#!/bin/sh
+#
+# A sample script to establish PPP session(s) via rsh
+#
+# Adi Masputra <adi.masputra@sun.com>
+# Jan 24, 2000
+#
+
+#
+# You'd definitely want to change the following addresses to suit
+# your network configuration
+#
+LOC_IP=10.0.0.1
+REM_IP=10.0.0.2
+NETMASK=255.255.0.0
+
+export LOC_IP REM_IP
+
+#
+# This is the remote peer where in.rshd is running, either
+# its hostname or IP address
+#
+PPPD_RHOST=myremotehost
+
+#
+# For this example, we assume that pppd on both local and remote
+# machines reside in the same place, /usr/local/bin/pppd
+#
+PPPD_LOC=/usr/local/bin/pppd
+
+#
+# The location of local options file (where rsh client is running).
+# Note that the sample options file included in the distribution
+# may need further customizations, depending on your needs. The 'noauth'
+# option specified in the file is there to simplify the example. In
+# reality, you'd probably want to remove such option.
+#
+PPPD_LOC_OPT=/etc/ppp/options-rsh-loc
+
+#
+# The location of remote options file (where in.rshd daemon is running).
+# Note that the sample options file included in the distribution
+# may need further customizations, depending on your needs. The 'noauth'
+# option specified in the file is there to simplify the example. In
+# reality, you'd probably want to remove such option. Also note that
+# the remote options file need to include the 'notty' option for this
+# to work
+#
+PPPD_REM_OPT=/etc/ppp/options-rsh-rem
+
+#
+# The location of rsh client on the local machine
+#
+RSH_LOC=/bin/rsh
+
+export PPPD_LOC PPPD_LOC_OPT PPPD_REM_OPT PPPD_RHOST RSH_LOC
+
+#
+# Uncomment the following to enable IPv6, note that the IPv6 support
+# needs to be enabled during compilation
+#
+# PPPD_IPV6='+ipv6 ipv6cp-use-ipaddr'
+export PPPD_IPV6
+
+#
+# And execute pppd with the pty option, specifying rsh client as the
+# slave side of the pseduo-tty master/slave pair.
+#
+exec $PPPD_LOC \
+ pty '$RSH_LOC $PPPD_RHOST $PPPD_LOC $REM_IP:$LOC_IP $PPPD_IPV6 file $PPPD_REM_OPT' \
+ $LOC_IP:$REM_IP netmask $NETMASK $PPPD_IPV6 file $PPPD_LOC_OPT
+
diff --git a/ap/app/pppd/scripts/ppp-on-ssh b/ap/app/pppd/scripts/ppp-on-ssh
new file mode 100644
index 0000000..0e41aca
--- /dev/null
+++ b/ap/app/pppd/scripts/ppp-on-ssh
@@ -0,0 +1,76 @@
+#!/bin/sh
+#
+# A sample script to establish PPP session(s) via SSH 1.x
+#
+# Adi Masputra <adi.masputra@sun.com>
+# Jan 24, 2000
+#
+
+#
+# You'd definitely want to change the following addresses to suit
+# your network configuration
+#
+LOC_IP=10.0.0.1
+REM_IP=10.0.0.2
+NETMASK=255.255.0.0
+
+export LOC_IP REM_IP
+
+#
+# This is the remote peer where sshd is running, either
+# its hostname or IP address
+#
+PPPD_RHOST=myremotehost
+
+#
+# For this example, we assume that pppd on both local and remote
+# machines reside in the same place, /usr/local/bin/pppd
+#
+PPPD_LOC=/usr/local/bin/pppd
+
+#
+# The location of local options file (where ssh client is running).
+# Note that the sample options file included in the distribution
+# may need further customizations, depending on your needs. The 'noauth'
+# option specified in the file is there to simplify the example, although
+# some may choose to have it there and rely on ssh authentication
+# instead.
+#
+PPPD_LOC_OPT=/etc/ppp/options-ssh-loc
+
+#
+# The location of remote options file (where sshd daemon is running)
+# Note that the sample options file included in the distribution
+# may need further customizations, depending on your needs. The 'noauth'
+# option specified in the file is there to simplify the example, although
+# some may choose to have it there and rely on ssh authentication
+# instead. Also note that the remote options file need to include the 'notty'
+# options for this to work.
+#
+PPPD_REM_OPT=/etc/ppp/options-ssh-rem
+
+#
+# The location of ssh client on the local machine
+#
+SSH_LOC=/usr/local/bin/ssh
+
+export PPPD_LOC PPPD_LOC_OPT PPPD_REM_OPT PPPD_RHOST SSH_LOC
+
+#
+# Uncomment the following to enable IPv6, note that the IPv6 support
+# needs to be enabled during compilation
+#
+# PPPD_IPV6='+ipv6 ipv6cp-use-ipaddr'
+export PPPD_IPV6
+
+#
+# And execute pppd with the pty option, specifying ssh client as the
+# slave side of the pseudo-tty master/slave pair. Note that on this example,
+# ssh has been compiled to allow NULL encryption (thus the '-c none' option),
+# but in reality, you'd probably want to specify the encryption algorithm.
+# See the man page of ssh(1) for details.
+#
+exec $PPPD_LOC \
+ pty '$SSH_LOC -c none $PPPD_RHOST $PPPD_LOC $REM_IP:$LOC_IP $PPPD_IPV6 file $PPPD_REM_OPT' \
+ $LOC_IP:$REM_IP netmask $NETMASK $PPPD_IPV6 file $PPPD_LOC_OPT
+
diff --git a/ap/app/pppd/scripts/radiusclient/dictionary b/ap/app/pppd/scripts/radiusclient/dictionary
new file mode 100644
index 0000000..8172890
--- /dev/null
+++ b/ap/app/pppd/scripts/radiusclient/dictionary
@@ -0,0 +1,242 @@
+#
+# Updated 97/06/13 to livingston-radius-2.01 miquels@cistron.nl
+#
+# This file contains dictionary translations for parsing
+# requests and generating responses. All transactions are
+# composed of Attribute/Value Pairs. The value of each attribute
+# is specified as one of 4 data types. Valid data types are:
+#
+# string - 0-253 octets
+# ipaddr - 4 octets in network byte order
+# integer - 32 bit value in big endian order (high byte first)
+# date - 32 bit value in big endian order - seconds since
+# 00:00:00 GMT, Jan. 1, 1970
+#
+# Enumerated values are stored in the user file with dictionary
+# VALUE translations for easy administration.
+#
+# Example:
+#
+# ATTRIBUTE VALUE
+# --------------- -----
+# Framed-Protocol = PPP
+# 7 = 1 (integer encoding)
+#
+
+INCLUDE /etc/radiusclient/dictionary.ms
+INCLUDE /etc/radiusclient/dictionary.sg
+#
+# Following are the proper new names. Use these.
+#
+ATTRIBUTE User-Name 1 string
+ATTRIBUTE Password 2 string
+ATTRIBUTE CHAP-Password 3 string
+ATTRIBUTE NAS-IP-Address 4 ipaddr
+ATTRIBUTE NAS-Port-Id 5 integer
+ATTRIBUTE Service-Type 6 integer
+ATTRIBUTE Framed-Protocol 7 integer
+ATTRIBUTE Framed-IP-Address 8 ipaddr
+ATTRIBUTE Framed-IP-Netmask 9 ipaddr
+ATTRIBUTE Framed-Routing 10 integer
+ATTRIBUTE Filter-Id 11 string
+ATTRIBUTE Framed-MTU 12 integer
+ATTRIBUTE Framed-Compression 13 integer
+ATTRIBUTE Login-IP-Host 14 ipaddr
+ATTRIBUTE Login-Service 15 integer
+ATTRIBUTE Login-TCP-Port 16 integer
+ATTRIBUTE Reply-Message 18 string
+ATTRIBUTE Callback-Number 19 string
+ATTRIBUTE Callback-Id 20 string
+ATTRIBUTE Framed-Route 22 string
+ATTRIBUTE Framed-IPX-Network 23 ipaddr
+ATTRIBUTE State 24 string
+ATTRIBUTE Class 25 string
+ATTRIBUTE Vendor-Specific 26 string
+ATTRIBUTE Session-Timeout 27 integer
+ATTRIBUTE Idle-Timeout 28 integer
+ATTRIBUTE Termination-Action 29 integer
+ATTRIBUTE Called-Station-Id 30 string
+ATTRIBUTE Calling-Station-Id 31 string
+ATTRIBUTE NAS-Identifier 32 string
+ATTRIBUTE Proxy-State 33 string
+ATTRIBUTE Login-LAT-Service 34 string
+ATTRIBUTE Login-LAT-Node 35 string
+ATTRIBUTE Login-LAT-Group 36 string
+ATTRIBUTE Framed-AppleTalk-Link 37 integer
+ATTRIBUTE Framed-AppleTalk-Network 38 integer
+ATTRIBUTE Framed-AppleTalk-Zone 39 string
+ATTRIBUTE Acct-Status-Type 40 integer
+ATTRIBUTE Acct-Delay-Time 41 integer
+ATTRIBUTE Acct-Input-Octets 42 integer
+ATTRIBUTE Acct-Output-Octets 43 integer
+ATTRIBUTE Acct-Session-Id 44 string
+ATTRIBUTE Acct-Authentic 45 integer
+ATTRIBUTE Acct-Session-Time 46 integer
+ATTRIBUTE Acct-Input-Packets 47 integer
+ATTRIBUTE Acct-Output-Packets 48 integer
+ATTRIBUTE Acct-Terminate-Cause 49 integer
+ATTRIBUTE Acct-Multi-Session-Id 50 string
+ATTRIBUTE Acct-Link-Count 51 integer
+ATTRIBUTE Event-Timestamp 55 integer
+ATTRIBUTE CHAP-Challenge 60 string
+ATTRIBUTE NAS-Port-Type 61 integer
+ATTRIBUTE Port-Limit 62 integer
+ATTRIBUTE Login-LAT-Port 63 integer
+ATTRIBUTE Connect-Info 77 string
+
+#
+# RFC3162 IPv6 attributes
+#
+ATTRIBUTE NAS-IPv6-Address 95 string
+ATTRIBUTE Framed-Interface-Id 96 string
+ATTRIBUTE Framed-IPv6-Prefix 97 string
+ATTRIBUTE Login-IPv6-Host 98 string
+ATTRIBUTE Framed-IPv6-Route 99 string
+ATTRIBUTE Framed-IPv6-Pool 100 string
+
+#
+# Experimental Non Protocol Attributes used by Cistron-Radiusd
+#
+ATTRIBUTE Huntgroup-Name 221 string
+ATTRIBUTE User-Category 1029 string
+ATTRIBUTE Group-Name 1030 string
+ATTRIBUTE Simultaneous-Use 1034 integer
+ATTRIBUTE Strip-User-Name 1035 integer
+ATTRIBUTE Fall-Through 1036 integer
+ATTRIBUTE Add-Port-To-IP-Address 1037 integer
+ATTRIBUTE Exec-Program 1038 string
+ATTRIBUTE Exec-Program-Wait 1039 string
+ATTRIBUTE Hint 1040 string
+
+#
+# Non-Protocol Attributes
+# These attributes are used internally by the server
+#
+ATTRIBUTE Expiration 21 date
+ATTRIBUTE Auth-Type 1000 integer
+ATTRIBUTE Menu 1001 string
+ATTRIBUTE Termination-Menu 1002 string
+ATTRIBUTE Prefix 1003 string
+ATTRIBUTE Suffix 1004 string
+ATTRIBUTE Group 1005 string
+ATTRIBUTE Crypt-Password 1006 string
+ATTRIBUTE Connect-Rate 1007 integer
+
+#
+# Integer Translations
+#
+
+# User Types
+
+VALUE Service-Type Login-User 1
+VALUE Service-Type Framed-User 2
+VALUE Service-Type Callback-Login-User 3
+VALUE Service-Type Callback-Framed-User 4
+VALUE Service-Type Outbound-User 5
+VALUE Service-Type Administrative-User 6
+VALUE Service-Type NAS-Prompt-User 7
+
+# Framed Protocols
+
+VALUE Framed-Protocol PPP 1
+VALUE Framed-Protocol SLIP 2
+
+# Framed Routing Values
+
+VALUE Framed-Routing None 0
+VALUE Framed-Routing Broadcast 1
+VALUE Framed-Routing Listen 2
+VALUE Framed-Routing Broadcast-Listen 3
+
+# Framed Compression Types
+
+VALUE Framed-Compression None 0
+VALUE Framed-Compression Van-Jacobson-TCP-IP 1
+
+# Login Services
+
+VALUE Login-Service Telnet 0
+VALUE Login-Service Rlogin 1
+VALUE Login-Service TCP-Clear 2
+VALUE Login-Service PortMaster 3
+
+# Status Types
+
+VALUE Acct-Status-Type Start 1
+VALUE Acct-Status-Type Stop 2
+VALUE Acct-Status-Type Alive 3
+VALUE Acct-Status-Type Accounting-On 7
+VALUE Acct-Status-Type Accounting-Off 8
+
+# Authentication Types
+
+VALUE Acct-Authentic RADIUS 1
+VALUE Acct-Authentic Local 2
+VALUE Acct-Authentic PowerLink128 100
+
+# Termination Options
+
+VALUE Termination-Action Default 0
+VALUE Termination-Action RADIUS-Request 1
+
+# NAS Port Types, available in 3.3.1 and later
+
+VALUE NAS-Port-Type Async 0
+VALUE NAS-Port-Type Sync 1
+VALUE NAS-Port-Type ISDN 2
+VALUE NAS-Port-Type ISDN-V120 3
+VALUE NAS-Port-Type ISDN-V110 4
+
+# Acct Terminate Causes, available in 3.3.2 and later
+
+VALUE Acct-Terminate-Cause User-Request 1
+VALUE Acct-Terminate-Cause Lost-Carrier 2
+VALUE Acct-Terminate-Cause Lost-Service 3
+VALUE Acct-Terminate-Cause Idle-Timeout 4
+VALUE Acct-Terminate-Cause Session-Timeout 5
+VALUE Acct-Terminate-Cause Admin-Reset 6
+VALUE Acct-Terminate-Cause Admin-Reboot 7
+VALUE Acct-Terminate-Cause Port-Error 8
+VALUE Acct-Terminate-Cause NAS-Error 9
+VALUE Acct-Terminate-Cause NAS-Request 10
+VALUE Acct-Terminate-Cause NAS-Reboot 11
+VALUE Acct-Terminate-Cause Port-Unneeded 12
+VALUE Acct-Terminate-Cause Port-Preempted 13
+VALUE Acct-Terminate-Cause Port-Suspended 14
+VALUE Acct-Terminate-Cause Service-Unavailable 15
+VALUE Acct-Terminate-Cause Callback 16
+VALUE Acct-Terminate-Cause User-Error 17
+VALUE Acct-Terminate-Cause Host-Request 18
+
+#
+# Non-Protocol Integer Translations
+#
+
+VALUE Auth-Type Local 0
+VALUE Auth-Type System 1
+VALUE Auth-Type SecurID 2
+VALUE Auth-Type Crypt-Local 3
+VALUE Auth-Type Reject 4
+
+#
+# Cistron extensions
+#
+VALUE Auth-Type Pam 253
+VALUE Auth-Type Accept 254
+
+#
+# Experimental Non-Protocol Integer Translations for Cistron-Radiusd
+#
+VALUE Fall-Through No 0
+VALUE Fall-Through Yes 1
+VALUE Add-Port-To-IP-Address No 0
+VALUE Add-Port-To-IP-Address Yes 1
+
+#
+# Configuration Values
+# uncomment these two lines to turn account expiration on
+#
+
+#VALUE Server-Config Password-Expiration 30
+#VALUE Server-Config Password-Warning 5
+
diff --git a/ap/app/pppd/scripts/radiusclient/dictionary.ms b/ap/app/pppd/scripts/radiusclient/dictionary.ms
new file mode 100644
index 0000000..c8b0832
--- /dev/null
+++ b/ap/app/pppd/scripts/radiusclient/dictionary.ms
@@ -0,0 +1,81 @@
+#
+# Microsoft's VSA's, from RFC 2548
+#
+# $Id: dictionary.ms,v 1.1 2008-01-29 04:10:56 kwilson Exp $
+#
+
+VENDOR Microsoft 311 Microsoft
+
+ATTRIBUTE MS-CHAP-Response 1 string Microsoft
+ATTRIBUTE MS-CHAP-Error 2 string Microsoft
+ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft
+ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft
+ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft
+ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft
+ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft
+# This is referred to as both singular and plural in the RFC.
+# Plural seems to make more sense.
+ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft
+ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft
+ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft
+ATTRIBUTE MS-CHAP-Domain 10 string Microsoft
+ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft
+ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft encrypt=1
+ATTRIBUTE MS-BAP-Usage 13 integer Microsoft
+ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft
+ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft
+ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft
+ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft
+ATTRIBUTE MS-RAS-Version 18 string Microsoft
+ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft
+ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft
+ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft
+
+ATTRIBUTE MS-Filter 22 string Microsoft
+ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft
+ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft
+
+ATTRIBUTE MS-CHAP2-Response 25 string Microsoft
+ATTRIBUTE MS-CHAP2-Success 26 string Microsoft
+ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft
+
+ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr
+ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr
+ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr
+ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr
+
+#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft
+
+#
+# Integer Translations
+#
+
+# MS-BAP-Usage Values
+
+VALUE MS-BAP-Usage Not-Allowed 0
+VALUE MS-BAP-Usage Allowed 1
+VALUE MS-BAP-Usage Required 2
+
+# MS-ARAP-Password-Change-Reason Values
+
+VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1
+VALUE MS-ARAP-PW-Change-Reason Expired-Password 2
+VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3
+VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4
+
+# MS-Acct-Auth-Type Values
+
+VALUE MS-Acct-Auth-Type PAP 1
+VALUE MS-Acct-Auth-Type CHAP 2
+VALUE MS-Acct-Auth-Type MS-CHAP-1 3
+VALUE MS-Acct-Auth-Type MS-CHAP-2 4
+VALUE MS-Acct-Auth-Type EAP 5
+
+# MS-Acct-EAP-Type Values
+
+VALUE MS-Acct-EAP-Type MD5 4
+VALUE MS-Acct-EAP-Type OTP 5
+VALUE MS-Acct-EAP-Type Generic-Token-Card 6
+VALUE MS-Acct-EAP-Type TLS 13
+
+END-VENDOR Microsoft
diff --git a/ap/app/pppd/scripts/radiusclient/dictionary.sg b/ap/app/pppd/scripts/radiusclient/dictionary.sg
new file mode 100644
index 0000000..bdb74f6
--- /dev/null
+++ b/ap/app/pppd/scripts/radiusclient/dictionary.sg
@@ -0,0 +1,11 @@
+#
+# Secure VSAs
+#
+# $I$
+#
+
+VENDOR Secure 1573 Secure
+
+ATTRIBUTE SG-GroupName 1 string Secure
+
+END-VENDOR Secure
diff --git a/ap/app/pppd/scripts/redialer b/ap/app/pppd/scripts/redialer
new file mode 100644
index 0000000..5bbde4e
--- /dev/null
+++ b/ap/app/pppd/scripts/redialer
@@ -0,0 +1,96 @@
+#!/bin/sh
+###################################################################
+#
+# These parameters control the attack dialing sequence.
+#
+# Maximum number of attempts to reach the telephone number(s)
+MAX_ATTEMPTS=10
+
+# Delay between each of the attempts. This is a parameter to sleep
+# so use "15s" for 15 seconds, "1m" for 1 minute, etc.
+SLEEP_DELAY=15s
+
+###################################################################
+#
+# This is a list of telephone numbers. Add new numbers if you wish
+# and see the function 'callall' below for the dial process.
+PHONE1=555-1212
+PHONE2=411
+
+###################################################################
+#
+# If you use the ppp-on script, then these are passed to this routine
+# automatically. There is no need to define them here. If not, then
+# you will need to set the values.
+#
+ACCOUNT=my_account_name
+PASSWORD=my_password
+
+###################################################################
+#
+# Function to initialize the modem and ensure that it is in command
+# state. This may not be needed, but it doesn't hurt.
+#
+function initialize
+{
+ chat -v TIMEOUT 3 '' AT 'OK-+++\c-OK'
+ return
+}
+
+###################################################################
+#
+# Script to dial a telephone
+#
+function callnumber
+{
+chat -v \
+ ABORT '\nBUSY\r' \
+ ABORT '\nNO ANSWER\r' \
+ ABORT '\nRINGING\r\n\r\nRINGING\r' \
+ '' ATDT$1 \
+ CONNECT '' \
+ ogin:--ogin: $ACCOUNT \
+ assword: $PASSWORD
+#
+# If the connection was successful then end the whole script with a
+# success.
+#
+ if [ "$?" = "0" ]; then
+ exit 0
+ fi
+
+ return
+}
+
+###################################################################
+#
+# Script to dial any telephone number
+#
+function callall
+{
+# echo "dialing attempt number: $1" >/dev/console
+ callnumber $PHONE1
+# callnumber $PHONE2
+}
+
+###################################################################
+#
+# Initialize the modem to ensure that it is in the command state
+#
+initialize
+if [ ! "$?" = "0" ]; then
+ exit 1
+fi
+
+#
+# Dial telephone numbers until one answers
+#
+attempt=0
+while : ; do
+ attempt=`expr $attempt + 1`
+ callall $attempt
+ if [ "$attempt" = "$MAX_ATTEMPTS" ]; then
+ exit 1
+ fi
+ sleep "$SLEEP_DELAY"
+done
diff --git a/ap/app/pppd/scripts/secure-card b/ap/app/pppd/scripts/secure-card
new file mode 100644
index 0000000..0002365
--- /dev/null
+++ b/ap/app/pppd/scripts/secure-card
@@ -0,0 +1,111 @@
+#!/usr/local/bin/expect -f
+#
+# This script was written by Jim Isaacson <jcisaac@crl.com>. It is
+# designed to work as a script to use the SecureCARD(tm) device. This
+# little device is mated with a central controller. The number displayed
+# on this card changes every so often and you need to enter the number
+# along with your user account name in order to gain access. Since chat
+# is based upon fixed strings this procedure will not work with chat.
+#
+# It is included by permission. An excellent reference for the expect
+# program used by this script is in the book:
+#
+# "Exploring Expect"
+# by Don Libes
+# Published by O'Rielly and Associates
+#
+
+send_user "hello, starting ppp\n"
+
+system "stty 19200 -echoe -echo raw < /dev/ttyS3 > /dev/ttyS3"
+
+#
+# These are the parameters for the program.
+#
+set user Pxxxxxx
+set password xxxxxxx
+set modem /dev/ttyS3
+set dialup <put phone number here>
+set timeout 60
+
+spawn -noecho -open [open $modem "r+"]
+
+send "AT&F\r"
+expect "OK"
+
+send "ATe0v1x4&c1q0&d2&c1s2=128s0=0DT $dialup\r"
+set timeout 15
+set counter 0
+
+set still_connecting 1
+
+expect {
+ -re ".*CONNECT.*\n" {
+ set timeout 5
+ set still_connecting 0
+ continue -expect
+ }
+ -re ".*CONNECT.*\r" {
+ set timeout 5
+ set still_connecting 0
+ continue -expect
+ }
+ -re ".*NO.*CARRIER" {
+ send_user "Failed to Connect, exiting...\n"
+ exit
+ }
+ -re ".*NO.*DIAL.*TONE" {
+ send_user "Failed to Connect, exiting...\n"
+ exit
+ }
+ -re ".*VOICE" {
+ send_user "Failed to Connect, exiting...\n"
+ exit
+ }
+ -re ".*sscode:.*\n" {
+ continue -expect
+ }
+ -re ".*sscode:" {
+ set timeout -1
+ expect_user -re "(.*)\n"
+ send "$expect_out(1,string)\r"
+ set timeout 30
+ continue -expect
+ }
+ -re ".*Next.*:" {
+ set timeout -1
+ expect_user -re "(.*)\n"
+ send "$expect_out(1,string)\r"
+ set timeout 30
+ continue -expect
+ }
+ -re "Your.*" {
+ send "\r"
+ continue -expect
+ }
+ -re ".*in:" {
+ send "$user\r"
+ continue -expect
+ }
+ -re ".*word:" {
+ send "$password\r"
+ }
+
+ timeout {
+ if { $still_connecting > 0 } {
+ continue -expect
+ }
+ set timeout 15
+ send "\r"
+ incr counter
+ if { $counter > 8 } {
+ send_user "Cannot Connect\n"
+ exit
+ } else {
+ continue -expect
+ }
+ }
+}
+
+overlay -0 $spawn_id -1 $spawn_id pppd /dev/ttyS3 19200 192.111.187.215: \
+ crtscts modem defaultroute debug