[pptp-server] pptp modifying the firewall

Nick Farrell nick at dfa.com.au
Tue Jun 6 23:50:34 CDT 2000


Good afternoon..

I've picked up a number of hints from this list recently - thanks for
the fixes, Landy! - but have hit problems with ipchains.

PPTP is working, in that the NT client connects to my 2.2.15/2.3.11 box,
negotiates MPPE, but then spews out: 

Jun  7 14:38:11 scully pppd[3845]: MPPE 40 bit, stateless compression
enabled
Jun  7 14:38:11 scully kernel: Packet log: input DENY ppp0 PROTO=1
192.168.200.242:8 192.168.200.3:0 L=60 S=0x00 I=31874 F=0x0000 T=32 (#8)
Jun  7 14:38:12 scully modprobe: modprobe: Can't locate module eth1_0
Jun  7 14:38:12 scully modprobe: modprobe: Can't locate module eth1_0
Jun  7 14:38:13 scully kernel: Packet log: input DENY ppp0 PROTO=1
192.168.200.242:8 192.168.200.3:0 L=60 S=0x00 I=32386 F=0x0000 T=32 (#8)
Jun  7 14:38:14 scully kernel: Packet log: input DENY ppp0 PROTO=1
192.168.200.242:8 192.168.200.3:0 L=60 S=0x00 I=33154 F=0x0000 T=32
(#10)

.. and so on. If I re-run my ipchains configuration script, these
messages go away - evidently, pptp/ppp is modifying my firewall rules,
and doing it incorrectly. Yes, I am running with two ethernet cards, and
eth1 is the one it's connecting via, and yes there is an alias eth1:0,
but this is not the one in my routing table:

Target          Router  Genmask         Flags Metric Ref    Use Iface
192.168.200.242 *       255.255.255.255 UH    0      0        0 ppp0
localnet        *       255.255.255.0   U     0      0        0 eth1
validipaddr     *       255.255.240.0   U     0      0        0 eth0
default         scully  0.0.0.0         UG    0      0        0 eth0

Any ideas? I hope I haven't missed something extremely obvious. If I
find the solution and it doesn't seem documented, I'll follow up with
it...

Nick Farrell.



More information about the pptp-server mailing list