Archlinux下连接中国电信网络

无线篇

这里其实本质上是连接无线AP,和中国电信没多大关系了。
环境:
中国电信带路由的modem 已经配置好路由认证。(即通过wifi连接无线即可上网,客户端电脑无需再进行认证)
路由默认ip 192.168.1.1 ,开启了dhcp功能。
无线认证方式:wpa-psk
无线路由认证程序依旧是用的wpa_supplicant(在《Archlinux 连无线网手记》一文中已有介绍)。
搜索可用ssid:

1
2
sudo ifconfig wlan0 up
iwlist wlan0 scanning

生成wpa_key:

1
wpa_passphrase 无线AP的ssid "密钥" >/etc/wpa_supplicant_xx.conf

生成的wpa supplicant 配置文件内容类似于:

1
2
3
4
5
network={
    ssid="ChinaNet-5R3F"
    #psk="密钥明文"
    psk=f61db5ad70477eee51eb544300212f24cedad736597430ff22d29f54xxxxxxxx
}

这里,要修改下刚才生成的配置文件,把 #psk=”密钥明文” 前面的注释取消,后面的psk=xxxxxxxx…注释掉。
然后,写个sh脚本来连无线AP:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
└─[$] <> cat wlan_chinatelecom
#!/bin/bash
echo "configure wlan0 inet address and netmask ......"
sudo ifconfig wlan0 inet 192.168.1.4 broadcast 192.168.1.255 netmask 255.255.255.0 up
echo "wlan0 is up now ......"
sudo wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant_renlei.conf -B
echo "wpa_supplicant is running now ......"
echo "deleting default route via eth0 ......"
sudo route delete default
echo "adding default route for wlan0 ......"
sudo route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.1.1 dev wlan0
echo "default route has been added."
echo "now test the link ......"
ping -c4 192.168.1.1
ping -c4 www.google.com

为什么我这里没有使用dhcp方式从路由获取ip呢?因为archlinux默认是没有带dhclient这个工具的,我之前也没有安装。因此,先手动设置ip吧。
后面安装上dhclient后可以用sudo dhclient wlan0 来自动获取ip.
如果认证失败可以取消wpa_supplicant的 -B 参数试试。


PPPoE认证

环境:通过5类网线连接modem拨号认证。
如果认证失败可在用户名前面加两个^ (6键上面的那个符号).这个各地的规则可以不同。各地方有不同的算法来确定最终发送出去的用户名。
这里我使用的是pppoe系列的脚本来完成工作的。
设置pppoe:

1
sudo pppoe-setup

认证:

1
sudo pppoe-start

查看认证状态:

1
sudo pppoe-status

断开连接:

1
sudo pppoe-stop

连接成功后如无法ping通外网,可查查看下默认路由是否正确。

1
2
3
4
5
6
7
8
9
route -vn
sudo route delete default
sudo route add default ppp0
└─[$] <> route -vn
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
222.247.144.1   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0

然后ping下谷哥~~

1
2
3
4
5
6
7
8
9
10
└─[$] <> ping -c4 www.google.com
PING www.l.google.com (74.125.71.147) 56(84) bytes of data.
64 bytes from hx-in-f147.1e100.net (74.125.71.147): icmp_req=1 ttl=53 time=61.8 ms
64 bytes from hx-in-f147.1e100.net (74.125.71.147): icmp_req=2 ttl=53 time=61.3 ms
64 bytes from hx-in-f147.1e100.net (74.125.71.147): icmp_req=3 ttl=53 time=60.5 ms
64 bytes from hx-in-f147.1e100.net (74.125.71.147): icmp_req=4 ttl=53 time=59.4 ms

--- www.l.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 59.425/60.799/61.835/0.926 ms

不使用pppoe-xxxx的方法

pppoe-setup这个脚本,实际上是修改了ppp的配置。
在chap-secrets和pap-secrets文件中均加了一行:

1
"PPPoE认证用户名"  *   "PPPoE认证密码"

然后,它修改了pppoe.conf中的网卡/用户名/密码/防火墙模式:

1
2
3
4
ETH='eth0'
USER='PPPoE认证用户名'
# Firewalling: One of NONE, STANDALONE or MASQUERADE
FIREWALL=STANDALONE

同时,还把pppoe配置保存到了/etc/ppp/pppoe.conf 文件中,此文件主要内容如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# When you configure a variable, DO NOT leave spaces around the "=" sign.

# Ethernet card connected to DSL modem
ETH='eth0'

# PPPoE user name.  You may have to supply "@provider.com"  Sympatico
# users in Canada do need to include "@sympatico.ca"
# Sympatico uses PAP authentication.  Make sure /etc/ppp/pap-secrets
# contains the right username/password combination.
# For Magma, use xxyyzz@magma.ca
USER='PPPoE认证用户名'

# Bring link up on demand?  Default is to leave link up all the time.
# If you want the link to come up on demand, set DEMAND to a number indicating
# the idle time after which the link is brought down.
DEMAND=no
#DEMAND=300

# DNS type: SERVER=obtain from server; SPECIFY=use DNS1 and DNS2;
# NOCHANGE=do not adjust.
DNSTYPE=SERVER

# Obtain DNS server addresses from the peer (recent versions of pppd only)
# In old config files, this used to be called USEPEERDNS.  Changed to
# PEERDNS for better Red Hat compatibility
PEERDNS=yes

DNS1=
DNS2=

# Make the PPPoE connection your default route.  Set to
# DEFAULTROUTE=no if you don't want this.
DEFAULTROUTE=yes

这里的配置项的值是你运行pppoe-setup时设定的。

再说下pppoe-connect ,查看下进程可以看到类似如下命令行:

1
2
/usr/sbin/pppd pty /usr/sbin/pppoe -p /var/run/pppoe.conf-pppoe.pid.pppoe -I eth0 -T 80 -U  -m 1412    noipdefault noauth default-asyncmap defaultroute hide-password nodetach usepeerdns mtu 1492 mru 1492 noaccomp nodeflate nopcomp novj novjccomp user PPPoE认证用户名 lcp-echo-interval 20 lcp-echo-failure 3
/usr/sbin/pppoe -p /var/run/pppoe.conf-pppoe.pid.pppoe -I eth0 -T 80 -U -m 1412

可以看到后面加一了堆参数。这些参数可以写在一个配置文件的(放在/etc/ppp/目录下面),如:

1
sudo touch /etc/ppp/chinatelecom

内容为:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# /etc/ppp/peers/your_provider
 
plugin rp-pppoe.so
# rp_pppoe_ac 'your ac name'
# rp_pppoe_service 'your service name'
 
# network interface
eth0
# login name
name "用户名"
usepeerdns
persist
# Uncomment this if you want to enable dial on demand
#demand
#idle 180
defaultroute
hide-password
noauth
noaccomp
nodeflate
nopcomp
novj
novjccomp

然后还要编辑/etc/ppp/pap-secrets文件,加上一行(其实这个在上面已经有说到了):

1
PPPoE认证用户名 * PPPoE认证密码

然后通过

1
pppd call chinatelecom

1
pon chinatelecom

启动。
若后面不加参数,则默认会使用/etc/ppp/peers/provider这个配置,所以我们可以做个符号链接:

1
sudo ln -s /etc/ppp/peers/chinatelecom /etc/ppp/peers/provider

然后只要简单地

1
pon

1
poff chinatelecom

开机启动认证:
修改rc.conf文件,添加MODULE:
MODULES=(… ppp-generic …)
添加DAEMON:
DAEMONS=(… network … ppp …)
若在/var/log/errors.log看到
pppd[nnnn]: not replacing existing default route via xx.xx.xx.xx
错误,可新建一/etc/ppp/ip-pre-up,内容如下:

1
2
#!/bin/sh
/sbin/route del default

设置好合适的权限:

1
chmod +x /etc/ppp/ip-pre-up

然后重启pppd:

1
/etc/rc.d/ppp restart

此部分参考了:https://wiki.archlinux.org/index.php/PPPoE_Setup_with_pppd

更多
No Responses Post a comment

Leave a Reply

Note: You may use basic HTML in your comments. Your email address will not be published.

Subscribe to this comment feed via RSS