Desktop FreeBSD Part 6: User PPP Connections

By Ed Hurst | Posted at 5:33 PM
By this time, you should have guessed that running KDE takes a large chunk of machine resources. Really old machines will run this latest version of KDE quite slowly. I chose it for the FreeBSD beginner because it's a good safe place to start, with so many built-in tools. One of the most important ones up to now has been KPPP -- the dialup tool. In this lesson we are going to learn how to dialup without KPPP. With that, about the only reason to keep using KDE is simply that you like it.

First of all, let's review a basic concept from the Clueless User's Guide series: everything on the Open Source computer is a file. In your /dev (device) folder is kept all sorts of "devices" which are linked there as files. A "device" may be nothing more than a particular protocol by which the kernel communicates to the hardware. During the lesson on Initial Setup, we talked about making sure the firewall had matching entries for ppp0 and tun0. Each of those is a protocol linked in your /dev folder. When you use KPPP to connect to the Internet, it uses the ppp0 device.

However, FreeBSD has built into it another device which allows a greater flexibility. For now, the one thing you need to know about the tun0 interface is that it stands for the word "tunnel" and that it stands ready to handle the Internet when IP addresses will have to change their format. You may recall that IP addresses are not the handy names you use to identify a website, such as "," but the numbering system to which those names are a reference. In your /etc/firewall.conf file you should have some of those IP addresses added to allow your computer to ask for DNS: the service that matches the names to the numbers. The standard IP address now is four sets of digits, separated by a dot or period: 12.345.67.980 -- it might have between one and three digits for each set. In the near future, the Internet might run out of such numbers and will need to start using a new scheme, with six sets of numbers. The tunnel interface on FreeBSD is setup to use that new scheme already.

For now, we've turned that feature off, but the tunnel interface is built into the kernel, and is the device used for the built-in dialing system. During the installation of FreeBSD, you were supposed to type in certain information for the Network Connection setup. That information was written to some files that we need to look at, in the /etc/ppp/ folder. You must log in as root to work there.

We've already edited the options file and can leave it alone for now. Our interest is the ppp.conf file. You can open the file with Joe (or whatever editor you prefer):

   joe ppp.conf

Most of what you find there will probably be over your head. It took me a week of reading in books, Internet tutorials and bundled documentation befor I began to feel like I understood most of it. Fortunately, the installer probably did a great job of getting most everything there.

Notice the format. There are at least two sections, each marked by a keyword that is flush with the left margin. In mine, those words are default: and papchap: and it's a good chance yours is the same:

set log Phase Chat LCP IPCP CCP tun command
ident user-ppp VERSION (built COMPILATIONDATE)
set device /dev/cuaa0

set speed 115200
set timeout 180 # 3 minute idle timer (the default)
enable dns # request DNS info (for resolv.conf)
allow users jeh

set phone 9995551234
set authname user
set authkey PassWord
set redial 5+5 3

set ifaddr
add default HISADDR # Add a (sticky) default route

Don't forget that any line starting with a hash-mark (#) is ignored by the software, so I've left them out of my sample. Also, my ISP's phone number is bogus, as are the account name and password. Notice that all the lines below each header are indented one space. We have to stay with that format or the dialer won't work.

The first section is named default: in case you have more than one connection, or more than one dialup account. Of course, you should double check to make sure that the set device line uses the correct link from the /dev folder for your modem. Recall that cuaa0 is the first COMM port. There is only one line I have that you probably don't, at the bottom of the section: the allow users command followed by the account name(s) on your machine allowed to dial out. If you have other users with an account on your computer (besides root) and you want them to have that option, simply leave a space and add their name on the end of the same line.

The second section would normally be a name you have chosen as the nickname for your ISP. Since I only have one ISP, the default heading is papchap:. The entire phone number should be there. You can also add prefixes that are necessary for various types of phone service. For example, in the US, if your phone line has the "call-waiting" service, you can put in front of the phone number *70 (most locations) and at least one comma, and two are better. The commas tell your modem to wait a second or so for the phone service to react to the command:

set phone *70,,9995551234

The authname should be your user account name at your ISP. The authkey is your ISP account password, in plain text. Everything else should be pretty much the same. Out in the woods where I live, the phone lines are ancient, and my connection is likely to be dropped without notice. I want my system to re-dial automatically, so I have set redial. If you do not like the auto-redial, leave that line out. The numbers are explained in the FreeBSD Handbook (section 18) and in more detail in the ppp man page (type man ppp on the command line) but both are likely to confuse some readers. The numbers I have are a good default.

The rest shouldn't need your attention. Save the file, then still as root go up one folder to /etc:

   cd /etc

There you should find a file named group that you will open in an editor. Look down the list for the line that says network. You need to make sure that you place in the network group every user who should have permission to dial out:


In my case, I'm the only user on my machine, but you can add more by separating each additional name with a comma, but no spaces. If all is well, nothing more need be done. Your user account can now dial out and connect to the ISP. But how? The command in this case is as follows:

   ppp -background papchap

That is the ppp command, with the option to work in the background, and connecting to the only ISP I have, which is by default nicknamed papchap. What should happen is that you should hear the modem dial, as with KPPP, and connect. You will see some useful feedback from the ppp command. Using the -background option simply tells my system I want it to do the job without any other input from me, and that I want the command line back when it's connected. That way, from the same Konsole window I can run Fetchmail, for example. When you are ready to disconnect, there's no elegant way to do it. You have to simply kill the process:

   killall ppp

That command says to kill every process named "ppp."

After awhile, it can be a bit of nuisance to type everything out at full length. Here the built-in script function of Open Source and the Bash Shell commands will provide an answer.

First, make a sub-folder in your home directory:

   mkdir bin

Using the cd command with no other information takes you home. The name of the folder tells the system you will have commands there that you want to use. This assumes you have made Bash your default shell -- that is, your default CLI command system. In fact, you probably open a Konsole window with a prompt that includes the name bash in it.

A script is nothing more than a set of commands, just like what you could type on the command line, but all run together as a single command. Every Bash Script has this line at the top:


This tells your system to use Bash to interpret the following commands. While most scripts are complicated and long, you learn to write them by starting with something simple, such as a pair of commands to dial up and to break the connection. In this case, it is very simple: just add the shell ID line and the command for dialing out. Move into your ~/bin directory and open a new file:

   cd ~/bin

Recall that the tilde character (~) is shorthand for "my home directory" in Open Source systems. Joe will open a new file. Type that ID line, followed by the command to dial up:

ppp -background papchap

Now save the file with the name "Netup" and close it. Now open another and put these lines in it:

killall ppp

Save it as "Netdn" and close it. Now, open your file browser, Konqueror, and navigate into your new bin directory. Select both files -- Netup and Netdn -- by dragging your pointer across the window so that you draw a box around the both. Right click on one of them, and select "Properties" and then the "Permissions" tab. Check the boxes that allow "User" to "Execute." Click "OK." Now you can go back to the Konsole window and type on the command line Netup and it should dial the same as before. To drop the connection, type Netdn and it should work. Please note that in Open Source systems, it makes a difference whether you capitalize. Most software commands in FreeBSD use only lower-case letters. Thus, your own personal scripts should have the first letter capitalized to avoid the chance you might give a command you don't know about that would mess things up.

Now it won't matter which desktop you use, because you can simply open a terminal window (most menus offer Xterm) and connect without worrying about KPPP. FreeBSD has the option to use any number of desktop systems, and the light-weight ones are simply called window managers. Ask a user group what the favorites are and why. Or visit

for a good survey of the most popular desktop systems and window managers.

In our next lesson, we will take care of a collection of minor tasks to make life a little easier working in Xterm and Konsole.

Ed Hurst is Associate Editor of Open for Business. Ed is also the Music Director for Grace Baptist Church of Kickapoo Creek, Texas. He loves computers, runs FreeBSD and GNU/Linux and reads all sorts of things. You can reach Ed at