Dialmon 0.5 Mini-HOWTO
----------------------

This file is really just intended to give a few example setups for
dialmon, the diald monitor daemon.


1. My Old Setup
---------------

My old setup comprised a Linux box which acts as my gateway to the outside
world, plus a Windows 95 machine (which I use) and a WfWG 3.11 machine
(which my wife uses). The configuration files are nearly as below:

/etc/dialmon.conf
-----------------
[host]
	port	7002
	force	90
	fifo	/etc/diald/diald.ctl
	allow	up

[quaking]
	allow	down

/etc/dialmon.users
------------------
[mike]
	allow up
	allow down

[tina]
	allow up
	allow down

The /etc/dialmon.conf file is pretty straightforward. diald is in the
standard place, and I use port 7002 for dialmon. Any client can, by
default, bring the link up. In addition, a client on "quaking" (which
is actually the Linux box) can take the link down.

In trust both myself (mike) and my wife (tina) to be sensible about
taking the link down, so both are allowed up and down. You need to provide
allow up, even though it is the default, as the user entry overrides the
default client entry.

Note that both Mike and Tina must be users on the Linux box.

2. Some security
----------------

Suppose that I wanted to allow Alan access to dialmon, but only to bring
the link up; nobody else has access at all. Like Mike and Tina, Alan must
be a Linux box user.

/etc/dialmon.conf
-----------------
[host]
	port	7002
	force	90
	fifo	/etc/diald/diald.ctl

/etc/dialmon.users
------------------
[mike]
	allow up
	allow down

[tina]
	allow up
	allow down

[alan]
	allow up	



3. Some security part 2
-----------------------

Now, maybe I want to allow everyone other than Mike and Tina to be able
to bring the link up. However, none of them are Linux box users. So,
create a Linux box user called, say "dialuser", with password "niflheim" [*],
but remove the login shell entry from /etc/passwd (so "dialuser" cannot
be used to login in). Then:

/etc/dialmon.conf
-----------------
[host]
	port	7002
	force	90
	fifo	/etc/diald/diald.ctl

/etc/dialmon.users
------------------
[mike]
	allow up
	allow down

[tina]
	allow up
	allow down

[default]
	passwd dialuser
	allow up	

The [default] section covers any user other than Mike and Tina, and
says that they must be able to supply the "dialuser" password.

4. Manual Only
--------------

One dialmon user reported that he used it only as a way to bring up
and take down the link. diald is given no rules, so its a sort of
manually operated ppp command. Everyone is trusted. This is for you;
the /etc/dialmon.users file can be empty (or need not exist). Note
that this has changed in version 0.5-1

/etc/dialmon.conf
-----------------
[host]
	port	7002
	force	90
	fifo	/etc/diald/diald.ctl
	allow	set

5. Multiple Configurations
--------------------------

For various reasons, I use two ISPs. Planet and Demon, and need to be
able to switch between them. So, I have two configuration files for
diald, and put the following in /etc/dialmon.conf and /etc/dialmon.users:

/etc/dialmon.conf
-----------------
[host]
	....
	ddconf	Planet	"/usr/sbin/diald -daemon -f /etc/diald.conf.planet"
	ddconf	Demon	"/usr/sbin/diald -daemon -f /etc/diald.conf.demon"

/etc/dialmon.users
------------------
[mike]
	....
	allow	ctrl

The script in /etc/rc.d/init/diald which starts diald now has just
the following line to start things up; dialmon itself will spawn
diald and will restart it when requested or when it dies. dialmon will
also kill of a ppp daemon for ppp0 when restarting diald.

	daemon /usr/sbin/dialmon -rDemon -pppp0 -b28800

The "allow ctrl" allows me to switch configurations and to restart
diald, but now anyone else.

7. Worrying Diald Behaviour
---------------------------

You might find a situation where diald is bringing up the link at
odd times for some reason that, pending further investigation, is
not understood. As a result, you may have difficulty sleeping at
night, or concentrating during the day, because of worries that your
telephone bill is going through the roof!

To get around this, set up dialmon for multiple configurations
(even if you only have one) and then all the -i option to the dialmon
command line.

	daemon /usr/sbin/dialmon -rDemon -pppp0 -b28800 -i

This adds an extra configuration called "Idle". When this one is
selected and the restart command is given, diald is stopped completely.
No link up, no bills, sleep on.

Alternatively, if you are a little less paranoid, there is the
following. This allows user mike to send block (and force) commands.

/etc/dialmon.users
------------------
[mike]
	....
	allow	set


Mike Richardson
mike@quaking.demon.co.uk
http://www.quaking.demon.co.uk, http://www.min.a-i-s.co.uk

[*]
Niflheim lies under the left-hand root of the world-tree, Yggdrasil. It
is a place of darkness and mists, wherein lies hell. It is also
under the Totes Gebirge in Austria ....
