diff -urN ppp-2.4.7/pppd/auth.c ppp-2.4.7-patched/pppd/auth.c --- ppp-2.4.7/pppd/auth.c 2014-08-09 23:31:39.000000000 +1100 +++ ppp-2.4.7-patched/pppd/auth.c 2014-08-11 16:25:36.701647610 +1100 @@ -243,6 +243,11 @@ extern char *crypt __P((const char *, const char *)); +#ifdef NOEXT_TRAFFIC +/* Boolean to care for external traffic or not. Defined in options.c */ +extern int noexttraffic; +#endif + /* Prototypes for procedures local to this file. */ static void network_phase __P((int)); @@ -1189,6 +1194,14 @@ tlim = idle_time_hook(&idle); } else { itime = MIN(idle.xmit_idle, idle.recv_idle); +#ifdef NOEXT_TRAFFIC /* modified version, additional commandline-switch noext-traffic */ + if (!noexttraffic) + itime = MIN(idle.xmit_idle, idle.recv_idle); + else + itime = idle.xmit_idle; +#else /* standard version */ + itime = MIN(idle.xmit_idle, idle.recv_idle); +#endif tlim = idle_time_limit - itime; } if (tlim <= 0) { diff -urN ppp-2.4.7/pppd/Makefile.linux ppp-2.4.7-patched/pppd/Makefile.linux --- ppp-2.4.7/pppd/Makefile.linux 2014-08-11 16:25:19.064360401 +1100 +++ ppp-2.4.7-patched/pppd/Makefile.linux 2014-08-11 16:25:36.702647626 +1100 @@ -60,6 +60,8 @@ # Linux distributions: Please leave TDB ENABLED in your builds. USE_TDB=y +NOEXT_TRAFFIC=y + HAS_SHADOW=y USE_PAM=y HAVE_INET6=y @@ -97,6 +99,10 @@ endif endif +ifdef NOEXT_TRAFFIC +CFLAGS += -DNOEXT_TRAFFIC +endif + # EAP SRP-SHA1 ifdef USE_SRP CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include diff -urN ppp-2.4.7/pppd/options.c ppp-2.4.7-patched/pppd/options.c --- ppp-2.4.7/pppd/options.c 2014-08-09 23:31:39.000000000 +1100 +++ ppp-2.4.7-patched/pppd/options.c 2014-08-11 16:25:36.702647626 +1100 @@ -129,6 +129,10 @@ #endif +#ifdef NOEXT_TRAFFIC +int noexttraffic = 0; /* decide whether or not we want to care for traffic from extern */ +#endif + extern option_t auth_options[]; extern struct stat devstat; @@ -325,6 +329,9 @@ { "active-filter", o_special, setactivefilter, "set filter for active pkts", OPT_PRIO }, #endif +#ifdef NOEXT_TRAFFIC + { "noext-traffic", o_bool, (void *)&noexttraffic, "ignore external pkts for timeout", 1 }, +#endif #ifdef MAXOCTETS { "maxoctets", o_int, &maxoctets, diff -urN ppp-2.4.7/pppd/pppd.8 ppp-2.4.7-patched/pppd/pppd.8 --- ppp-2.4.7/pppd/pppd.8 2014-08-09 23:31:39.000000000 +1100 +++ ppp-2.4.7-patched/pppd/pppd.8 2014-08-11 16:25:36.703647643 +1100 @@ -295,6 +295,20 @@ \fIdebug\fR. This information can be directed to a file by setting up /etc/syslog.conf appropriately (see syslog.conf(5)). .TP +.B noext-traffic +Do not count incoming traffic against the idle time set with the idle +option. The default idle option behavior is to count both outgoing +and incoming traffic. This can be very helpful when remote hosts +keeping sending unwanted traffic, thereby keeping the connection up. + +Note that this \fIcannot\fR prevent programs from responding to incoming +requests and in doing so defeat the idle option. The route program +\fIreject\fR parameter might help in that case when enough is known about +IP address space of the site generating the unwanted requests. If you +initiated contact with the site generating the requests, say with a +web browser, then denying ingress with the "reject" parameter probably +won't be a viable option. +. .B default\-asyncmap Disable asyncmap negotiation, forcing all control characters to be escaped for both the transmit and the receive direction.