[pptp-server] Firewall issues... More info...
Jason Bradley Nance
jbnance at tresgeek.net
Sun Oct 8 14:50:04 CDT 2000
> I'm confused here, because you say your rule 34 is defined to match
> interface $EXTIF and protocol 6 (tcp), but you also say your error log is
> giving errors on rule 34 matching interface ppp0 and protocol 17 (udp).
> They cannot be the same rule. Maybe one is an input rule and the other an
> output rule?
Well, how would I go about extracting rule #34? Maybe I'm not doing it
right. I did:
less rc.firewall | grep /sbin/ipchains > firewall.raw
vi firewall.raw
:34
That's the rule that was on line 34.
> As for the two rules:
>
> /sbin/ipchains -A forward -j ACCEPT -s 192.168.1.0/24 -d 192.168.1.0/24
> /sbin/ipchains -A input -j REJECT -i $EXTIF -p tcp -s $UNIVERSE 139 -d $EXTIP
>
> These two rules are on two completely separate rule chains (forward and
> input) so neither one is before or after the other. The first applies when
> a packet is being forwarded, and the second applies to input packets. See
> the section "How Packets Traverse The Filters" in the IPCHAINS-HOWTO for
> more details.
Can you give me an example of how to allow traffic to pass to the ppp*
interface from local net to local net? My default has all SMB traffic
killed that tries to leave the internal interface.
j
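
An added example, not part of the original message: ipchains numbers rules per chain, so line 34 of a grep over the whole script is generally not rule 34 of the chain named in the log entry. The sketch below counts only the -A rules for one chain; the sample script and the function names are constructed, and it assumes one literal "-A <chain>" rule per line with no loops, inserts or deletes.

```shell
#!/bin/sh
# Constructed sample standing in for rc.firewall (not the poster's real script).
sample_fw() {
cat <<'EOF'
# sample rules
/sbin/ipchains -P input REJECT
/sbin/ipchains -A input -j ACCEPT -i lo
/sbin/ipchains -A forward -j ACCEPT -s 192.168.1.0/24 -d 192.168.1.0/24
/sbin/ipchains -A input -j REJECT -i $EXTIF -p tcp -s $UNIVERSE 139 -d $EXTIP
/sbin/ipchains -A output -j ACCEPT -i lo
/sbin/ipchains -A input -j REJECT -i ppp0 -p udp -l
EOF
}

# rule_on_chain CHAIN N: read a firewall script on stdin and print the N-th
# rule appended (-A) to CHAIN, which is how the rule number in a log line counts.
rule_on_chain() {
    awk -v chain="$1" -v want="$2" '
        /^[ \t]*#/        { next }    # skip comment lines
        $1 !~ /ipchains$/ { next }    # only lines that invoke ipchains
        {
            for (i = 2; i < NF; i++)
                if ($i == "-A" && $(i + 1) == chain && ++n == want) {
                    print
                    exit
                }
        }'
}

# grep_line N: the approach from the message, line N of every ipchains line
# regardless of chain (policy lines and other chains are counted too).
grep_line() {
    grep /sbin/ipchains | sed -n "${1}p"
}

echo "grep line 3:  $(sample_fw | grep_line 3)"
echo "input rule 3: $(sample_fw | rule_on_chain input 3)"
```

On the running firewall, `ipchains -L input -n --line-numbers` lists the chain with the numbering the kernel actually uses, which also covers rules added by loops or inserts.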