Arch Linux

turboNOMAD

Member

From: Ukraine

Registered: 2009-09-06

Posts: 21

[SOLVED] /etc/ppp/ip-up.d/* scripts don't run

Hello everybody.
I have 3G internet connection which has to be shared to my home network. To set up sharing I have created a script anp put it un /etc/ppp/ip-up.d/.
The script's file name is /etc/ppp/ip-up.d/setupiptables, "executable" property is on, and file permissions are set to 777.
When I run pppd via command-line (via "pon") the script seems to run successfully.

The problem is, the script doesn't run when pppd starts as a daemon. I have added it to the daemons list in /etc/rc.conf and it successfully connects to the network at system startup, but does not execute any scripts in /etc/ppp/ip-up.d/. How should I fix that?

Last edited by turboNOMAD (2009-09-09 15:37:47)

mcover

Member

From: Germany

Registered: 2007-01-25

Posts: 134

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

Can you paste the script?

EDIT: According to /etc/ip-{up,down}, script names in /etc/ip-{up,down}.d need to end with .sh - rename your script, if it still does not work, paste it.

Last edited by mcover (2009-09-06 17:17:03)

turboNOMAD

Member

From: Ukraine

Registered: 2009-09-06

Posts: 21

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

Here is the script:

$ cat /etc/ppp/ip-up.d/setupiptables.sh
#!/bin/sh
modprobe ipt_MASQUERADE
iptables -F; iptables -t nat -F; iptables -t mangle -F
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -i ! ppp0 -j ACCEPT

As you see, I have renamed it and now will reboot to test if it works.
BTW, is something wrong with the script? When running it iptables issues a warning which I don't understand:

Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).

I made the script using a how-to and don't understand everything in it...

turboNOMAD

Member

From: Ukraine

Registered: 2009-09-06

Posts: 21

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

No, it stll doesn't work.

mcover

Member

From: Germany

Registered: 2007-01-25

Posts: 134

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

There is nothing wrong with your script as such. It should get executed, since the daemon script just calls pon as well. You could verify that iptables holds your rules with: iptables -L; iptables -t nat -L

While we're at it, do not set the permissions to 777, rather set it to 755. You don't want every user to be able to modifiy the script. Also to save you some time, just run instead of rebooting: /etc/rc.d/ppp restart

How can you tell your script does not get executed? Does the forwarding work when you manually run pon?

turboNOMAD

Member

From: Ukraine

Registered: 2009-09-06

Posts: 21

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

When pon is run manually, forwarding doesn't work and iptables shows empty lists.

EDIT: but if I modify my script by adding a "touch somefile" line, the file gets created. That's strange. Script runs, but does nothing to iptables. Maybe a run permission issue? How to configure that?

Last edited by turboNOMAD (2009-09-06 20:03:48)

mcover

Member

From: Germany

Registered: 2007-01-25

Posts: 134

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

If it's run as root, there is no problem with permissions. So the daemon isn't an issue and pon shouldn't be either, given you executed it as root.

There is not much more help that could be given here, unless you would provide a bit more debug info. Try executing the script without pon and see what iptables -L shows you. Look at /var/log/messages.log and see if there is anything. Then show us the ouput of what you did. Embed everything from your terminal output or any code with the code-tag like so:

iptables -L
# just an example

I'm sure its a silly mistake somewhere

turboNOMAD

Member

From: Ukraine

Registered: 2009-09-06

Posts: 21

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

If I manually execute my script, iptables correctly shows two added rules:

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     all  --  anywhere             anywhere            state NEW 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

There is nothing new in the message log.

Last edited by turboNOMAD (2009-09-09 13:28:03)

PeteMo

Member

From: H'Burg, VA

Registered: 2006-01-26

Posts: 191

Website

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

I ran into this recently, and I believe you have to specify the full path to any executables you call in your script.

turboNOMAD

Member

From: Ukraine

Registered: 2009-09-06

Posts: 21

Re: [SOLVED] /etc/ppp/ip-up.d/* scripts don't run

I ran into this recently, and I believe you have to specify the full path to any executables you call in your script.

Great thanks! I have read your post and solved the problem similarly: just put

PATH=$PATH:/usr/sbin

at the start of my script. And everything now works PERFECTLY.

Thanks everybody for your patience in dealing with someone else's noobish problems!