[pptp-server] ppp-filtering - Ready to smash this thing! lol .

Dread Boy dreadboy at hotmail.com
Wed Mar 7 02:12:54 CST 2001 

>Don't give up....
>
>Do you have IP forwarding turned on? using `echo 1 >
>/proc/sys/net/ipv4/ip_forward` ????

Yeah, man.  It is a gateway server.  eth0 = LAN, eth1 = ISP.  All routing 
seems to work just fine, and the only TCP/IP ports I have open on the 
external interface are 22 (SSH) and 80 (HTTP).

>
>can you try using tcpdump and filter packets going through the PPTPD server
>to see where it's stopping?

How does one use these utilities effectively?

>
>
>thanks,
>George Vieira
>
>
>-----Original Message-----
>From: Dread Boy [mailto:dreadboy at hotmail.com]
>Sent: Wednesday, March 07, 2001 1:11 PM
>To: pptp-server at lists.schulte.org
>Subject: [pptp-server] ppp-filtering - Ready to smash this thing! lol.
>
>
>OK, even though I've asked these questions before, I'm gonna try again in 
>an
>
>attempt to get my PPTPD Linux server working perfectly.
>
>I'm one step away, here, I'm sure of it.  Prior to obtaining the ipchains
>rules listed below in ip-up and ip-down, I was completely unable to see any
>machines on my VPN remotely.
>
>Now, with everyone's help, I have indeed gotten further.  Thx to everyone 
>so
>
>far.  Too many to list, but you know who you are.  =)
>
>Now I can indeed see a list of Windoze/SMB server machine names on my 
>remote
>
>Windoze system.  However, I can still only browse or use shares on either
>the SMB server I'm dialing into, or the remote workstation I'm using to
>dial-up.  I can not access anything else (or even ping by name or IP 
>number)
>
>the other machines listed by the WINS server in my Network Neighborhood
>browse list.
>
>I feel for sure, something is being blocked.  I know that SMB sharing
>definitely uses port 139, but I've also noticed that ports 137 and 138 are
>also used.  I don't know if this is it, but does anyone know why I would 
>not
>
>even be able to ping other machines on the network?
>
>- My network is 192.168.0.0/255.255.255.0
>- localip is 88-95
>- remoteip is 96-103
>
>OK, so I've also noticed that although the remoteip shows up on ppp0 on the
>route table (192.168.0.96) the localip doesn't seem to be here...
>
>Does anyone know for sure whether this is a routing problem?  ipchains is
>still Greek to me, somewhat, and I don't even really understand the concept
>of connecting on eth1 and having it turn into a ppp* interface, and how all
>three interfaces (including eth0) have to be configured to pass traffic
>along properly.
>
>Thx.  Craig.
>
> >route
>255.255.255.255 *               255.255.255.255 UH    0      0        0 
>eth0
>192.168.0.96    *               255.255.255.255 UH    0      0        0 
>ppp0
>192.168.0.2     *               255.255.255.255 UH    0      0        0 
>eth0
><extip>         *               255.255.255.255 UH    0      0        0 
>eth1
>192.168.0.0     *               255.255.255.0   U     0      0        0 
>eth0
><extnet>        *               255.255.252.0   U     0      0        0 
>eth1
>127.0.0.0       *               255.0.0.0       U     0      0        0 lo
>default         <extgw>         0.0.0.0         UG    0      0        0 
>eth1
>
>--- /etc/ppp/ip-up ---
>#!/bin/bash
># This file should not be modified -- make local changes to
># /etc/ppp/ip-up.local instead
>LOGDEVICE=$6
>REALDEVICE=$1
>/sbin/ipchains -A input   -i $REALDEVICE -j ACCEPT
>/sbin/ipchains -A output  -i $REALDEVICE -j ACCEPT
>/sbin/ipchains -A forward -i $REALDEVICE -j ACCEPT
>[ -x /etc/ppp/ip-up.local ] && /etc/ppp/ip-up.local $*
># Used for clustering heartbeat monitoring stuff.
>[ -x /etc/ppp/ip-up.heart ] && /etc/ppp/ip-up.heart $*
>/etc/sysconfig/network-scripts/ifup-post ifcfg-${LOGDEVICE}
>exit 0
>
>--- /etc/ppp/ip-down ---
>#!/bin/bash
># This file should not be modified -- make local changes to
># /etc/ppp/ip-down.local instead
>LOGDEVICE=$6
>REALDEVICE=$1
>/sbin/ipchains -D input   -i $REALDEVICE -j ACCEPT
>/sbin/ipchains -D output  -i $REALDEVICE -j ACCEPT
>/sbin/ipchains -D forward -i $REALDEVICE -j ACCEPT
>[ -x /etc/ppp/ip-down.local ] && /etc/ppp/ip-down.local $*
>/etc/sysconfig/network-scripts/ifdown-post ifcfg-${LOGDEVICE}
>exit 0
>
>_________________________________________________________________________
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>_______________________________________________
>pptp-server maillist  -  pptp-server at lists.schulte.org
>http://lists.schulte.org/mailman/listinfo/pptp-server
>List services provided by www.schulteconsulting.com!

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

More information about the pptp-server mailing list