[pptp-server] Pushing pptpd through...

[ctooley at amoa.org]

I've got a gateway/router style firewall based on a 2.4 kernel.  I'm using
IPTables (somewhat reluctantly) and need to push pptp traffic through to the
NAT'd server.  Anyone got any good iptables based scripts to do that?  What I
have currently keeps timing out:

#Allow pptpd connections (port 1723)
/sbin/iptables -t nat -A PREROUTING -i $EXTINT -p TCP \
        --sport $PUBLICPORTS --dport 1723 -j ACCEPT
/sbin/iptables -t nat -A OUTPUT -o $EXTINT -p 47 -j ACCEPT
/sbin/iptables -A OUTPUT -o $EXTINT -p 47 -j ACCEPT
/sbin/iptables -A INPUT  -i $EXTINT -p 47 -j ACCEPT
/sbin/iptables -A INPUT  -i ppp+ \
        -s $LOCALNETWORK -d $LOCALNETWORK -j ACCEPT
/sbin/iptables -A OUTPUT -o ppp+ \
        -s $LOCALNETWORK -d $LOCALNETWORK -j ACCEPT
echo "PPTP clients allowed"

# Allow inbound pptpd connections to PoPToP - forward to pptp server
/sbin/iptables -t nat -A PREROUTING -i $EXTINT -p TCP --dport 1723 --sport
$PUBLIC
PORTS -j DNAT --to $POPTOPSERVER
/sbin/iptables -t nat -A PREROUTING -i $EXTINT -p 47 -j DNAT --to $POPTOPSERVER
/sbin/iptables -A FORWARD -p TCP --dport 1723 --sport 1723 -j ACCEPT
/sbin/iptables -A FORWARD -p 47 -j ACCEPT
echo "PPTPD Server connections allowed"

I'm pretty sure that there are some parts missing.  Any help will be
appreciated.

Chris Tooley