summaryrefslogtreecommitdiffstats
path: root/wiki/src/blueprint/Add_Gnome_PPP_for_Dial-Up_Users.mdwn
blob: fb485359e5ef6d7f32d0ed35beca9030aebeedb5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
[[!toc levels=2]]

# Rationale

Tails should be usable by those stuck with dial-up Internet access. Recent
events have shown that in some cases, dial-up might be the last option to
reach the Internet when broadband operators have been shut down.

# Roadmap

**Next thing to do**: make up our mind wrt. towards which one of the
possible solutions we want to go: [[!tails_ticket 6045]].

Possible solutions:

 * fix [[!debbug 258064]], but GNOME PPP looks dead upstream, so
   it might be an option to create a custom package handling resolvconf the way
   we want.
 * find alternative ways to use WvDial or PPP.

Ideal solution: [[!tails_ticket 5543]]

# Research

NetworkManager (and ModemManager) have full support for **mobile** modems. But
nothing for old school dial-up modems at the moment:
see [[!gnomebug 348330 desc="Integrated PPP support"]]

Fallback option: provide GNOME PPP, a GUI front-end to old but trusty WvDial.

# Dial-up emulation

Here is a method to test dial-up PPP connections without resorting to a real modem
and a real Internet provider available on the Plain Old Telephony System. It needs
a system running Tails and another one (the *gateway*) running standard Debian.
So this requires either two computers in the same LAN or runing Tails using
virtualization.

1. Prepare the networking stack on the *gateway*:

        # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
        # sysctl -w net.ipv4.ip_forward=1

2. In Tails, create `.wvdial.conf`:

        [Dialer Defaults]
        Baud = 115200
        Init = ATZ
        Init2 = AT%R1
        Phone = 192.168.1.2:6789
        Username = test
        Password = test
        Carrier Check = off

   Replace the IP address in `Phone` with the IP address of the other system.

3. In Tails, install the `modemu` package.

4. In Tails, remove the default route to let room for the one provided by PPP:

        # ip route del default

5. On the *gateway* run:

        # pppd noauth local lock nodefaultroute persist debug nodetach 10.1.2.3:10.4.5.6 pty "nc -l 6789"

6. And fairly quickly (before `pppd` times out), run on Tails:

        $ sudo modemu -c 'ln -nsf %s /dev/modem ; wvdial -C .wvdial.conf'

Repeat the last two steps if the connection is broken at some point.

# PPPoE emulation

To ensure that PPPoE (broadband DSL) support is not broken by tweaks
to PPP configuration files, here is a test procedure. This needs
a standard Debian system (the *gateway*), and either a spare wired network card
or using virtualization.

This reciepe uses `kvm`, but could be easily adapted to other setups:

1. On the *gateway*, install the `pppoe` package.
2. On the *gateway*, create `/etc/ppp/pppoe-server-options`:

        debug
        noauth
        lcp-echo-interval 10
        lcp-echo-failure 2
        ms-dns 8.8.8.8
        defaultroute
        noipdefault

3. Start KVM, adding those arguments: `-net nic,model=virtio -net tap,ifname=tails`.
4. On the *gateway*, *up* this interface:

        # ip link set tails up

5. On the *gateway*, start the PPPoE server:

        # sudo pppoe-server -I tails -F -S test -m 1412

6. On Tails, you can now right-click the NetworkManager icon, and select
   *Edit connections...*. In the *DSL* tab, click *Add*. *Service name*
   should be set to `test`. Other settings should not matter.

7. On Tails, left-click the NetworkManager icon and selection the newly
   created connection.

To debug, use `tcpdump`, and look at `/var/log/syslog`.

# Implementation

## GNOME PPP

As WvDial (and thus GNOME PPP) is not integrated with NetworkManager in any
way, the hooks in `/etc/NetworkManager/dispatcher.d` are not normally run upon
connection.

They will be after adding the following script as
`/etc/ppp/ip-up.d/010call-nm-hooks`:

    #!/bin/sh

    run-parts --regex='^[a-z0-9-]+(\.sh)?$' /etc/NetworkManager/dispatcher.d --arg="$1" --arg="up"

But this will probably has the undesired effect of calling NetworkManager
hooks twice when using PPPoE. This does not look like a real issue, but Tor
is still restarted twice which is not nice.

Answer to this problem is fairly simple: when using WvDial with a good ol'
modem, a `SPEED` environment variable is defined when `01call-nm-hooks`
runs. Let's simply use this to determine if we should run NetworkManager hooks
manually.

Remaining issues:

* `gnome-ppp` conflicts with `resolvconf`, see [[!debbug 258064]].
* Clarify what groups must the user be part of to run wvdial /
  gnome-ppp? We've been told on the
  forum that
  the answer was `dialout` (which is already the case) and `dip`
  (which is not).