Pppd invokes scripts at various stages in its processing which
can be used to perform site-specific ancillary processing. These
scripts are usually shell scripts, but could be executable code
files instead. Pppd does not wait for the scripts to finish
(except for the ip-pre-up script). The scripts are executed as
root (with the real and effective user-id set to 0), so that they
can do things such as update routing tables or run privileged
daemons. Be careful that the contents of these scripts do not
compromise your system's security. Pppd runs the scripts with
standard input, output and error redirected to /dev/null, and
with an environment that is empty except for some environment
variables that give information about the link. The environment
variables that pppd sets are:
DEVICE
The name of the serial tty device being used.
IFNAME
The name of the network interface being used.
IPLOCAL
The IP address for the local end of the link. This is
only set when IPCP has come up.
IPREMOTE
The IP address for the remote end of the link. This is
only set when IPCP has come up.
LLLOCAL
The Link-Local IPv6 address for the local end of the link.
This is only set when IPV6CP has come up.
LLREMOTE
The Link-Local IPv6 address for the remote end of the
link. This is only set when IPV6CP has come up.
PEERNAME
The authenticated name of the peer. This is only set if
the peer authenticates itself.
SPEED
The baud rate of the tty device.
ORIG_UID
The real user-id of the user who invoked pppd.
PPPLOGNAME
The username of the real user-id that invoked pppd. This
is always set.
For the ip-down and auth-down scripts, pppd also sets the
following variables giving statistics for the connection:
CONNECT_TIME
The number of seconds from when the PPP negotiation
started until the connection was terminated.
BYTES_SENT
The number of bytes sent (at the level of the serial port)
during the connection.
BYTES_RCVD
The number of bytes received (at the level of the serial
port) during the connection.
LINKNAME
The logical name of the link, set with the linkname
option.
CALL_FILE
The value of the call option.
DNS1
If the peer supplies DNS server addresses, this variable
is set to the first DNS server address supplied (whether
or not the usepeerdns option was given).
DNS2
If the peer supplies DNS server addresses, this variable
is set to the second DNS server address supplied (whether
or not the usepeerdns option was given).
Pppd invokes the following scripts, if they exist. It is not an
error if they don't exist.
/etc/ppp/auth-up
A program or script which is executed after the remote
system successfully authenticates itself. It is executed
with the parameters
interface-name peer-name user-name tty-device speed
Note that this script is not executed if the peer doesn't
authenticate itself, for example when the noauth option is
used.
/etc/ppp/auth-down
A program or script which is executed when the link goes
down, if /etc/ppp/auth-up was previously executed. It is
executed in the same manner with the same parameters as
/etc/ppp/auth-up.
/etc/ppp/ip-pre-up
A program or script which is executed just before the ppp
network interface is brought up. It is executed with the
same parameters as the ip-up script (below). At this
point the interface exists and has IP addresses assigned
but is still down. This can be used to add firewall rules
before any IP traffic can pass through the interface.
Pppd will wait for this script to finish before bringing
the interface up, so this script should run quickly.
/etc/ppp/ip-up
A program or script which is executed when the link is
available for sending and receiving IP packets (that is,
IPCP has come up). It is executed with the parameters
interface-name tty-device speed local-IP-address
remote-IP-address ipparam
/etc/ppp/ip-down
A program or script which is executed when the link is no
longer available for sending and receiving IP packets.
This script can be used for undoing the effects of the
/etc/ppp/ip-up and /etc/ppp/ip-pre-up scripts. It is
invoked in the same manner and with the same parameters as
the ip-up script.
/etc/ppp/ipv6-up
Like /etc/ppp/ip-up, except that it is executed when the
link is available for sending and receiving IPv6 packets.
It is executed with the parameters
interface-name tty-device speed local-link-local-address
remote-link-local-address ipparam
/etc/ppp/ipv6-down
Similar to /etc/ppp/ip-down, but it is executed when IPv6
packets can no longer be transmitted on the link. It is
executed with the same parameters as the ipv6-up script.
/etc/ppp/ipx-up
A program or script which is executed when the link is
available for sending and receiving IPX packets (that is,
IPXCP has come up). It is executed with the parameters
interface-name tty-device speed network-number
local-IPX-node-address remote-IPX-node-address
local-IPX-routing-protocol remote-IPX-routing-protocol
local-IPX-router-name remote-IPX-router-name ipparam
pppd-pid
The local-IPX-routing-protocol and
remote-IPX-routing-protocol field may be one of the
following:
NONE to indicate that there is no routing protocol
RIP to indicate that RIP/SAP should be used
NLSP to indicate that Novell NLSP should be used
RIP NLSP to indicate that both RIP/SAP and NLSP should be
used
/etc/ppp/ipx-down
A program or script which is executed when the link is no
longer available for sending and receiving IPX packets.
This script can be used for undoing the effects of the
/etc/ppp/ipx-up script. It is invoked in the same manner
and with the same parameters as the ipx-up script.