A few things changed when I upgraded from my original Ricochet to my new Ricochet GS modem, and changed from Ricochet to Wireless Web Connect (WWC) as my provider. I started with instructions from http://phobos.illtel.denver.co.us/~abelits/metricom/. These instructions were created for RedHat 7.0, but will probably work with 6.2, and should work with most pppd servers. I have not tried setting up the USB interface; only serial. USB requires a kernel upgrade to at least 2.2.18, plus installation of whatever scripts and utilities are needed to run USB. Please see www.linux-usb.org for more details.
    $ cat /etc/ppp/peers/r2
    ttyS0 115200 crtscts
    ## first line should point at the correct serial port
    ipparam ricochet
    connect '/usr/sbin/chat -v -f /etc/sysconfig/network-scripts/chat-r2'
    # The novj option was needed in the original Ricochet network, but not
    # with R2 network / GS modem
    #novj
    noauth
    noipdefault
    # uncomment the following for dial on demand
    demand
    # hangup if idle for 1800 seconds = 30 minutes
    idle 1800
    # it takes 30 seconds for the ricochet to hang up, so wait 30 seconds
    # after a hangup before attempting to dial again
    holdoff 30
    # make ppp0 your default route to the outside world
    defaultroute
    # define the name of the ppp server you're dialing into
    remotename wwc
    ## Configure the following two so that the user/password match your WWC
    ## POP username/password. Without a user/passwd, you cannot logon.
    ## This behaviour is different, compared to the original Ricochet network
    ## NOTE: password is stored in /etc/ppp/pap-secrets
    user kjw

    $ cat /etc/ppp/pap-secrets
    # Secrets for authentication using PAP
    # client server secret IP addresses
    kjw wwc -YOUR-PASSWORD-HERE-

    $ cat /etc/sysconfig/network-scripts/chat-r2
    ABORT "NO CARRIER"
    ABORT "NO DIALTONE"
    ABORT "ERROR"
    ABORT "NO ANSWER"
    ABORT "BUSY"
    "" "at"
    OK "atz"
    OK "atdt3333"
    CONNECT
To start the configuration, run as root 'pppd call r2' or whatever you've named the configuration file in /etc/ppp/peers. If you have dial on demand, you'll have to ping the ppp interface (ping 10.112.112.112) to get the interface started.
/etc/resolv.conf can be created by pppd, but because of dial-on-demand, I like to hard code it:
    $ cat /etc/resolv.conf
    nameserver 198.252.32.87
    nameserver 198.252.32.88
To start pppd at boot, add the following to /etc/rc.d/rc.local:
    pppd call r2
    ping -i 15 -c 10 10.112.112.112 >/dev/null 2>&1 &
To force ppp to hang up, you can either stop pppd completely with "killall pppd" or, if you only want a temporary hangup (and you use dial-on-demand), issue "killall -HUP pppd".
I regularly see ~200ms for latency, and 10-12kbyte/sec downloads. Your performance WILL vary, especially by radio strength and number of redundant antennas your modem can see nearby.
As always, putting up a Linux server on the 'net is dangerous. If you're running any stock version of Linux (i.e. no security patches) you are guaranteed to be vulnerable. My recommendation is to turn off everything that you can, and to packet filter whatever you can't turn off with ipchains. If you must keep the server up all the time or for long periods of time, you must also review your security logs daily. If you don't do so, you'll never know when (not if!) you've been compromised. Yes, it's cynical, but yes, it's realistic.
To figure out what services still need to be turned off, use "netstat -na" and look for "0.0.0.0:*" in the Foreign Address column. For example:
    kjw@serval:~ $ netstat -na
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State
    tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN
    tcp        0      0 0.0.0.0:515             0.0.0.0:*               LISTEN
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
    udp        0      0 0.0.0.0:67              0.0.0.0:*

This listing shows three tcp ports in the LISTEN state and one udp port waiting for input. Referring to /etc/services, we can start to get some idea of what these ports are used for:
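An added example, not part of the original page: a shell function that applies the check above to "netstat -na" output and looks each waiting port up in an /etc/services-style file. The function names, the sample listing (the one above plus two constructed lines) and the services excerpt are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: name every socket that "netstat -na" shows waiting for
# input, using /etc/services-style "name port/proto" lines.
# open_ports SERVICES_FILE   (reads "netstat -na" output on stdin)
# Prints "proto local-address service" for each Foreign Address 0.0.0.0:*
open_ports() {
    awk -v svc="$1" '
        BEGIN {   # load the port/proto -> name map, skipping comments
            while ((getline line < svc) > 0) {
                n = split(line, f, /[ \t]+/)
                if (n >= 2 && f[1] !~ /^#/ && f[2] ~ /^[0-9]+\/(tcp|udp)$/)
                    name[f[2]] = f[1]
            }
        }
        ($1 == "tcp" || $1 == "udp") && $5 == "0.0.0.0:*" {
            n = split($4, a, ":")        # port is the last ":" field
            key = a[n] "/" $1
            print $1, $4, ((key in name) ? name[key] : "unknown")
        }
    '
}

# Constructed input: the listing above, plus an established connection
# (ignored) and a loopback-only listener on a port the excerpt lacks.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:8123 0.0.0.0:* LISTEN
tcp 0 0 10.0.0.5:22 10.0.0.9:1023 ESTABLISHED
udp 0 0 0.0.0.0:67 0.0.0.0:*
EOF
}

# Constructed excerpt standing in for /etc/services.
sample_services() {
printf '%s\n' '# name port/proto' 'ssh 22/tcp' 'bootps 67/udp' \
    'printer 515/tcp spooler' 'x11 6000/tcp'
}

demo() {
    tmp=$(mktemp) || return 1
    sample_services > "$tmp"
    sample_netstat | open_ports "$tmp"
    rm -f "$tmp"
}
demo    # on a real host: netstat -na | open_ports /etc/services
```

A local address of 0.0.0.0 means the service answers on every interface, including ppp0; a 127.0.0.1 entry is reachable only from the machine itself.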
(incomplete)

    ipchains -vnL

IMPORTANT: This is not a complete security guide, just a quickie guide. If your configuration is any different (multiple interfaces, masquerading, more), please refer to the more complete firewall security HOWTOs available on the Net.