[pptp-server] Firewall issues... More info...

Phil Van Baren phil at vibrationresearch.com
Sun Oct 8 18:19:22 CDT 2000


Those rules apply only to the traffic on the internal and PPTP interfaces,
and so will not affect traffic on the external interface.  You must have
other rules in your chains which apply to the external interface to block
external traffic (or set your default policy to DENY).

Specifying an interface name "ppp+" will match all interfaces which begin
with the letters ppp.  This should work as long as your external interface
is not a ppp device as well.

> -----Original Message-----
> From: pptp-server-admin at lists.schulte.org
> [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Jason Bradley
> Nance
> Sent: Sunday, October 08, 2000 6:51 PM
> To: pptp-server at lists.schulte.org
> Subject: RE: [pptp-server] Firewall issues... More info...
>
>
> > In addition, if you want to allow all traffic on your internel ethernet
> > device ($INTIF) and all traffic on your pptp device ($PPTPIF), just add
> > these rules.
> >
> > ipchains -A input -i $INTIF -j ACCEPT
> > ipchains -A output -i $INTIF -j ACCEPT
> >
> > ipchains -A input -i $PPTPIF -j ACCEPT
> > ipchains -A output -i $PPTPIF -j ACCEPT
>
> Won't that allow SMB traffic to the $EXTIF too?
> And can I say ppp* for all ppp interfaces?  Cause I will have
> more than one
> person connecting at a time.
>
> Thanks.
>
> j
>
>
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
>




More information about the pptp-server mailing list