November 27th, 2003, 01:02
Desktop FreeBSD Part 6: User PPP Connections
Ed Hurst 26 November 2003

================================================== ======================

By this time, you should have guessed that running KDE takes a large
chunk of machine resources. Really old machines will run this latest
version of KDE quite slowly. I chose it for the FreeBSD beginner because
it's a good safe place to start, with so many built-in tools. One of the
most important ones up to now has been KPPP -- the dialup tool. In this
lesson we are going to learn how to dialup without KPPP. With that,
about the only reason to keep using KDE is simply that you like it.

First of all, let's review a basic concept from the Clueless User's
Guide series: everything on the Open Source computer is a file. In your
/dev folder is kept all sorts of "devices" which are linked there as
files. A "device" may be nothing more than a particular protocol by
which the kernel communicates to the hardware. During the lesson on
Initial Setup, we talked about making sure the firewall had matching
entries for "ppp0" and "tun0". Each of those is a protocol linked in
your /dev folder. When you use KPPP to connect to the Internet, it uses
the ppp0 device.

However, FreeBSD has built into it another device which allows a
greater flexibility. For now, the one thing you need to know about the
tun0 interface is that it stands for the word "tunnel" and that it
stands ready to handle the Internet when IP addresses will have to
change their format. You may recall that IP addresses are not the handy
names you use to identify a website, such as "www.some-site.com", but
the numbering system to which those names are a reference. In your
/etc/firewall.conf file you should have some of those IP addresses
added to allow your computer to ask for DNS: the service that matches
the names to the numbers. The standard IP address now is four sets of
digits, separated by a dot or period: 12.345.67.980 -- it might have
between one and three digits for each set. In the near future, the
Internet might run out of such numbers and will need to start using a
new scheme, with six sets of numbers. The tunnel interface on FreeBSD
is setup to use that new scheme already.

For now, we've turned that feature off, but the tunnel interface is
built into the kernel, and is the device used for the built-in dialing
system. During the installation of FreeBSD, you were supposed to type in
certain information for the Network Connection setup. That information
was written to some files that we need to look at, in the /etc/ppp/
folder. You must log in as root to work there.

We've already edited the "options" file and can leave it alone for now.
Our interest is the "ppp.conf" file. You can open the file with Joe
(or whatever editor you prefer):

joe ppp.conf

Most of what you find there will probably be over your head. It took me
a week of reading in books, Internet tutorials and bundled documentation
befor I began to feel like I understood most of it. Fortunately, the
installer probably did a great job of getting most everything there.

Notice the format. There are at least two sections, each marked by a
keyword that is flush with the left margin. In mine, those words are
"default:" and "papchap:" and it's a good chance yours is the same:

set log Phase Chat LCP IPCP CCP tun command
ident user-ppp VERSION (built COMPILATIONDATE)
set device /dev/cuaa0

set speed 115200
set timeout 180 # 3 minute idle timer (the default)
enable dns # request DNS info (for resolv.conf)
allow users jeh

set phone 9995551234
set authname user
set authkey PassWord
set redial 5+5 3

set ifaddr
add default HISADDR # Add a (sticky) default route

Don't forget that any line starting with a hash-mark (#) is ignored by
the software, so I've left them out of my sample. Also, my ISP's phone
number is bogus, as are the account name and password. Notice that all
the lines below each header are indented one space. We have to stay
with that format or the dialer won't work.

The first section is named "default:" in case you have more than one
connection, or more than one dialup account. Of course, you should
double check to make sure that the "set device" line uses the correct
link from the /dev folder for your modem. Recall that "cuaa0" is the
first COMM port. There is only one line I have that you probably don't,
at the bottom of the section: the "allow users" command followed by the
account name(s) on =your= machine allowed to dial out. If you have
other users with an account on your computer (besides root) and you
want them to have that option, simply leave a space and add their name
on the end of the same line.

The second section would normally be a name you have chosen as the
nickname for your ISP. Since I only have one ISP, the default heading
is "papchap:". The entire phone number should be there. You can also
add prefixes that are necessary for various types of phone service. For
example, in the US, if your phone line has the "call-waiting" service,
you can put in front of the phone number "*70" (most locations) and at
least one comma, and two are better. The commas tell your modem to wait
a second or so for the phone service to react to the command:

set phone *70,,9995551234

The "authname" should be your user account name =at your ISP=. The
"authkey" is your ISP account password, in plain text. Everything else
should be pretty much the same. Out in the woods where I live, the
phone lines are ancient, and my connection is likely to be dropped
without notice. I want my system to re-dial automatically, so I have
"set redial". If you do not like the auto-redial, leave that line out.
The numbers are explained in the FreeBSD Handbook (section 18) and in
more detail in the ppp man page (type "man ppp" on the command line)
but both are likely to confuse some readers. The numbers I have are a
good default.

The rest shouldn't need your attention. Save the file, then still as
root go up one folder to /etc:

cd /etc

There you should find a file named "group" that you will open in an
editor. Look down the list for the line that says "network". You need
to make sure that you place in the network group every user who should
have permission to dial out:


In my case, I'm the only user on my machine, but you can add more by
separating each additional name with a comma, but no spaces.

If all is well, nothing more need be done. Your user account can now
dial out and connect to the ISP. But how?

The command in this case is as follows:

ppp -background papchap

That is the "ppp" command, with the option to work in the background,
and connecting to the only ISP I have, which is by default nicknamed
"papchap". What should happen is that you should hear the modem dial,
as with KPPP, and connect. You will see some useful feedback from the
ppp command. Using the "-background" option simply tells my system I
want it to do the job without any other input from me, and that I want
the command line back when it's connected. That way, from the same
Konsole window I can run Fetchmail, for example. When you are ready to
disconnect, there's no elegant way to do it. You have to simply kill the

killall ppp

That command says to kill every process named "ppp".

After awhile, it can be a bit of nuisance to type everything out at full
length. Here the built-in script function of Open Source and the Bash
Shell commands will provide an answer.

First, make a sub-folder in your home directory:

mkdir bin

Using the "cd" command with no other information takes you home. The
name of the folder tells the system you will have commands there that
you want to use. This assumes you have made Bash your default shell --
that is, your default CLI command system. In fact, you probably open a
Konsole window with a prompt that includes the name "bash" in it.

A script is nothing more than a set of commands, just like what you
could type on the command line, but all run together as a single
command. Every Bash Script has this line at the top:


This tells your system to use Bash to interpret the following commands.
While most scripts are complicated and long, you learn to write them by
starting with something simple, such as a pair of commands to dial up
and to break the connection. In this case, it is very simple: just add
the shell ID line and the command for dialing out. Move into your ~/bin
directory and open a new file:

cd ~/bin

Recall that the tilde character (~) is shorthand for "my home
directory" in Open Source systems. Joe will open a new file. Type that
ID line, followed by the command to dial up:

ppp -background papchap

Now save the file with the name "Netup" and close it. Now open another
and put these lines in it:

killall ppp

Save it as "Netdn" and close it. Now, open your file browser,
Konqueror, and navigate into your new "bin" directory. Select both
files -- Netup and Netdn -- by dragging your pointer across the window
so that you draw a box around the both. Right click on one of them, and
select "Properties" and then the "Permissions" tab. Check the boxes
that allow "User" to "Execute". Click "OK". Now you can go back to the
Konsole window and type on the command line "Netup" and it should dial
the same as before. To drop the connection, type "Netdn" and it should
work. Please note that in Open Source systems, it makes a difference
whether you capitalize. Most software commands in FreeBSD use only
lower-case letters. Thus, your own personal scripts should have the
first letter capitalized to avoid the chance you might give a command
you don't know about that would mess things up.

Now it won't matter which desktop you use, because you can simply open
a terminal window (most menus offer Xterm) and connect without worrying
about KPPP. FreeBSD has the option to use any number of desktop
systems, and the light-weight ones are simply called "window managers".
Ask a user group what the favorites are and why. Or visit


for a good survey of the most popular desktop systems and window

=In our next lesson, we will take care of a collection of minor tasks to
make life a little easier working in Xterm and Konsole.=