'Re: [pptp-devel] Firewall and pptp client'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pptpclient-devel
Subject:    Re: [pptp-devel] Firewall and pptp client
From:       "Harry A. Sutton" <Harry.Sutton () comcast ! net>
Date:       2005-01-16 22:32:22
Message-ID: 1105914742.19825.58.camel () toby ! multifids ! com
[Download RAW message or body]

On Mon, 2005-01-17 at 09:18 +1100, James Cameron wrote:
> On Sun, Jan 16, 2005 at 09:54:16PM +0000, Paul Smith wrote:
> > Maybe, James Cameron would like to add this information to his
> > Mandrake 10.1 HOWTO.
> 
> I've just added this information.
> http://pptpclient.sourceforge.net/howto-mandrake-101.phtml updated.
> 
> Are the fw and net destinations what the user should type, or should
> they be replaced with IP addresses?

This is the nomenclature that the Shorewall product expects; you don't
use IP addresses.
> 
> Is ppp0 on your system the external network interface or is it the
> tunnel?  From these rules, it looks like it is the external.  For people
> using eth0 as their external interface (e.g. on a LAN or ethernet
> connected ADSL service), would they replace ppp0 with eth0?

The ppp0 interface doesn't replace eth0, it's in addition to it.

> 
> Does the rules addition of "net fw tcp 1723" make it possible for a
> connection to port 1723 on the client system work?  If so, that's not
> needed.
> 

You're right, it's probably redundant, and could conceivably be dropped,
but that hasn't been tested. I recommended it for completeness.

> Is there a way to phrase these rules with a specific PPTP server IP
> address instead of an interface name?
> 

If there is, I haven't found it yet in the Shorewall documentation.




-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
pptpclient-devel mailing list
pptpclient-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/pptpclient-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic