[pptp-server] pptp modifying the firewall
Nick Farrell
nick at dfa.com.au
Tue Jun 6 23:50:34 CDT 2000
Good afternoon..
I've picked up a number of hints from this list recently - thanks for
the fixes, Landy! - but have hit problems with ipchains.
PPTP is working, in that the NT client connects to my 2.2.15/2.3.11 box,
negotiates MPPE, but then spews out:
Jun 7 14:38:11 scully pppd[3845]: MPPE 40 bit, stateless compression
enabled
Jun 7 14:38:11 scully kernel: Packet log: input DENY ppp0 PROTO=1
192.168.200.242:8 192.168.200.3:0 L=60 S=0x00 I=31874 F=0x0000 T=32 (#8)
Jun 7 14:38:12 scully modprobe: modprobe: Can't locate module eth1_0
Jun 7 14:38:12 scully modprobe: modprobe: Can't locate module eth1_0
Jun 7 14:38:13 scully kernel: Packet log: input DENY ppp0 PROTO=1
192.168.200.242:8 192.168.200.3:0 L=60 S=0x00 I=32386 F=0x0000 T=32 (#8)
Jun 7 14:38:14 scully kernel: Packet log: input DENY ppp0 PROTO=1
192.168.200.242:8 192.168.200.3:0 L=60 S=0x00 I=33154 F=0x0000 T=32
(#10)
.. and so on. If I re-run my ipchains configuration script, these
messages go away - evidently, pptp/ppp is modifying my firewall rules,
and doing it incorrectly. Yes, I am running with two ethernet cards, and
eth1 is the one it's connecting via, and yes there is an alias eth1:0,
but this is not the one in my routing table:
Target Router Genmask Flags Metric Ref Use Iface
192.168.200.242 * 255.255.255.255 UH 0 0 0 ppp0
localnet * 255.255.255.0 U 0 0 0 eth1
validipaddr * 255.255.240.0 U 0 0 0 eth0
default scully 0.0.0.0 UG 0 0 0 eth0
Any ideas? I hope I haven't missed something extremely obvious. If I
find the solution and it doesn't seem documented, I'll follow up with
it...
Nick Farrell.
More information about the pptp-server
mailing list