Diald Control

Linux + IP Masquerade + Diald + Diald Control


Japanese Page is here

Linux kernel has a feature of IP Masquerade and we can connect our Home LAN to the Internet.

Diald calls and connects to the ISP automatically when any user of the home LAN is going to connect to the Internet. Diald monitors the traffic of the connection and if any data of the connection is not sent or received, diald disconnect the connection.

It is not useful in some situations. For examples, when someone wants to use a telephone but diald makes PPP connection. When surfing the web site no traffic is occurred for a short time, diald disconnects automatically. In such cases we would like to control the actions of diald manually.

Diald has a tcl/tk control client named dctrl. Dctrl and diald are connected through named pipe. Named pipe is the communication path between two processes on the same host.

Dctrl controls diald set to the state of Up, Down, Forced up or Block connection using named pipe. The restriction of named pipe that two processes must be on the same host makes dctrl inconvenient.  We want to use the control feature of dctrl from some other host of home LAN which might be Windows, Mac or HP-UX :-).

I made a new control client Diald Control (dcntlc) written in Java and a daemon (dcntls) which accepts the connection from dcntlc and relay the request to diald. Dcntlc works on any host which Java is implemented (JDK1.1 or higher) or web browser (Netscape or IE) is available.

This is a figure of Diald Control client (dcntlc).


Source Code:



Compile and Installation :

  1. Download diald-control.tgz and extract the package.
  2. % zcat diald-control.tgz | tar xvf -
  3. Set variables of Makefile: DCNTLDIR, SBINDIR, BINDIR, SERVER_ADDR, PORT_NUM to fit your environment.
  4. make and make install
           % make
           % su root
           # make install
  5. Add this description to /etc/rc.d/rc.local
           # Start dcntls
           if [ -f /usr/sbin/dcntls ]; then
               /usr/sbin/dcntls ;
               echo -n "dcntls ";


  1. Executing Diald Control server. This is not required if it has already executed in /etc/rc.d/rc.local
    # /usr/sbin/dcntls
  2. Running stand alone client.
    % /usr/local/bin/dcntlc
  3. Running as Applet from Web browser. Open http://your-Diald-Control-Server-address/dcntl/index.html
    from your web browser. Use a right address of your web server.

Security Issues

Diald Control System does not have  an authentication feature. Some problems that someone could control diald from outside of the home LAN through Internet can be avoidable using IP firewall feature of the Linux kernel.

# /sbin/ipfwadm -I -a deny -P tcp -S -D 8972 -W ppp0 

This command line can set the IP firewall to deny any connection through ppp0 on port 8972(Default Diald Control port). The connection from local home LAN is through network interface eth0 rather than ppp0, local connection can be acceptable.

Another security setting is:
Denying one particular host of local Home LAN can be set using this command line.

# /sbin/ipfwadm -I -a deny -P tcp -S -D 8972

In this example, the server address is and denying host address is

Write this command line on /etc/rc.local just before running dcntls.

Related Links

Last modified: Sun Oct 10 22:06:32 1999

Yoshiaki Shinmi