[pptp-server] ipchains not forwarding to pptpd server
LIENARD Nicolas
nicolas.lienard at internet-telecom.net
Thu Jan 6 05:18:56 CST 2000
Hello
Why do u use this rules with ipchains ?
I only put this (with ipfwadm):
/sbin/ipfwadm -F -a m -S 7.0.10.0/255.255.255.0 -D 0.0.0.0/0
and it works good.
[root scripts]# ./etat-firewall
IP firewall forward rules, default policy: deny
pkts bytes type prot opt tosa tosx ifname ifaddress source
destination ports
0 0 acc/m all ---- 0xFF 0x00 any any 7.0.10.0/24
anywhere n/a
0 0 acc tcp b--- 0xFF 0x00 any any anywhere
cache.internet-telecom.net 1024:65535 -> smtp
0 0 acc tcp b--- 0xFF 0x00 any any
cache.internet-telecom.net anywhere smtp -> 1024:65535
0 0 acc tcp b--- 0xFF 0x00 any any anywhere
cache.internet-telecom.net 1024:65535 -> http
0 0 acc tcp b--- 0xFF 0x00 any any 7.0.10.0
anywhere http -> 1024:65535
0 0 acc udp b--- 0xFF 0x00 any any anywhere
7.0.10.0/24 domain -> any
why do u need a VPN ? i don't understand... is it better than ip
masquerading ?
Thanx .
Nicolas.
Nicolas LIENARD
Internet Telecom
T/01.55.80.17.26 - F/01.55.80.17.18
19/21, rue Poissonnière - 75002 PARIS
nicolas.lienard at internet-telecom.net
----- Original Message -----
From: Terrelle Shaw <hshaw at epills.com>
To: pptpd <pptp-server at lists.schulte.org>
Sent: Tuesday, January 04, 2000 4:30 AM
Subject: [pptp-server] ipchains not forwarding to pptpd server
> Hello all..
>
> I think I might have an ipchains issue. Wondering of anything jumps out
any
> anyone while looking at my ipchains rules. It's supposed to be forwarding
> 1723 and 47 stuff to the vpn-pptpd server.. but looking at the logs on the
> firewall and pptpd-server.. its just getting to the firewall and
stopping..
>
> Any help is appreciated.
>
> Chain input (policy ACCEPT):
> target prot opt source destination ports
> REJECT icmp ------ anywhere external_ip
> echo-request
> ACCEPT tcp ------ anywhere anywhere any ->
> 1723
> ACCEPT tcp !y---- anywhere external_ip 1723 ->
> any
> Chain forward (policy ACCEPT):
> target prot opt source destination ports
> ACCEPT tcp ------ anywhere vpn_server_ip any ->
> 1723
> ACCEPT tcp ------ vpn_server_ip anywhere 1723 ->
> any
> ACCEPT 47 ------ anywhere vpn_server_ip n/a
> ACCEPT 47 ------ vpn_server_ip anywhere n/a
> ACCEPT all ------ 10.0.0.0/24 external_real_ip/28 n/a
> MASQ all ------ 10.0.0.0/24 anywhere n/a
> MASQ 47 ------ anywhere anywhere n/a
> MASQ tcp ------ 10.0.0.0 anywhere any ->
> 1723
> Chain output (policy ACCEPT):
> target prot opt source destination ports
> ACCEPT tcp !y---- anywhere 10.0.0.0
1723 ->
> any
> ACCEPT tcp ------ 10.0.0.0 anywhere any ->
> any
>
>
> Terrelle Shaw
> HealthCentralRx.com
> System Administrator
> hshaw at healthcentralrx.com
>
>
> _______________________________________________
> pptp-server maillist - pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulte.org!
More information about the pptp-server
mailing list