|remotehost||(str) IP Address or DNS name of remote host running ssltunnel server.|
|port||(int) Port on which the remote ssltunnel server is listening. Defaults to 443.|
|useproxy||(bool) If set, pppclient should connect using an HTTP Proxy. Defaults to 0.|
|proxy||(str) IP Address or DNS name of HTTP Proxy to use. No default.|
|proxyport||(int) Proxy port, defaults to 8080.|
|proxyuser||(str) Username to send for authentication on proxy. Defaults to none.|
|proxypass||(str) Password to send for authentication on proxy. Defaults to none.|
|autoreconnect||(bool) If set to 1, if link goes down (ppp exit), pppclient will try to reconnect to server after waiting for 10 seconds.|
|timeout||(int) Timeout in seconds used in many operations such as reading banner, reading proxy response, ... Defaults to 10.|
localppp (str) pppd local path on client. Defaults to /usr/sbin/pppd. bsdppp (bool) If set to 1, launches ppp program with options suitable for BSD userland ppp(1) program. Defaults to 0. localproxyarp (bool) If set to 1, pppd will be launched with proxyarp option, allowing remote host to have a local LAN address and be seen on the LAN without routing changes. Defaults to 0. localechoint (int) Number of seconds between LCP-Echo requests sent to the remote peer. This is used to monitor link and exit if peer does not respond anymore. See also next option. Defaults to 10. localechofail (int) Number of LCP-Echo requests lost (no LCP-Echoreply received) before declaring link dead. Defaults to 10. peer (str) Name of ppp peer. If set, pppd will look for options in /etc/ppp/peers. If not set, you will probably need to set noauth option in /etc/ppp/options. When using BSD Userland ppp, this is the label name used (ppp is launched with ppp -direct peer command line). Defaults to none. ipparam (str) Set the pppd ipparam parameter, which is passed to /etc/ppp/ip-up script when link goes up. This can be used for example to set different routes automatically depending on your target. Defaults to none.
cacertfile (str) File containing in PEM format the CA authorities trusted by the client. Beware that if you put unsecure or unknown certs in this file, someone can hijack your connexion. certfile (str) File containing in PEM format your certificate, signed by a CA authority trusted by the server. keyfile (str) File containing the private RSA key used with the certificate. If the key is protected by a passphrase, it will be asked during initialization of OpenSSL layer.
verbose (bool) If set, pppclient will log on STDERR server responses and print a line for every packet sent or received. Defaults to 1. You probably want to turn this off if using pppclient in daemon mode. daemon (bool) If set, pppclient will fork and detach from terminal after reading configuration file. Defaults to 0. logfile (str) When started in daemon mode, pppclient will normally log with syslog (local6 facility). If set, then log are appended to this file.
Example below of a configuration file will connect to 192.168.200.1 port 443, by using proxy 192.168.10.1 (port 3128) with rominet user and fubar password. pppd will be called with ssltunnel peer name.
# My Certificates
# My Proxy configuration
The file /etc/ppp/peers/ssltunnel will simply be, assuming remote host will not ask for PAP or CHAP authentication :
and /etc/ppp/ip-up will place some routes to hosts 192.168.200.10 and 192.168.200.11 inside the tunnel (example is for FreeBSD, see route(8) for your system) :
if [ $6 = tunnel ]; then
/sbin/route add -host 192.168.200.10 -iface $1
/sbin/route add -host 192.168.200.11 -iface $1
$HOME/.ssltunnelrc Default configuration file. /etc/ppp/options pppd Configuration /etc/ppp/ppp.conf BSD Userland ppp Configuration /etc/ppp/ip-up Script run when interface goes up
Please report them !
Alain Thivillon <firstname.lastname@example.org>
|SSLTUNNELRC (5)||September 06, 2003|