From owner-freebsd-questions@FreeBSD.ORG  Sun Dec 14 23:27:57 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CC3EB16A4CE
	for <freebsd-questions@freebsd.org>;
	Sun, 14 Dec 2003 23:27:57 -0800 (PST)
Received: from ns.kharkov.ukrpack.net (ns.kharkov.ukrpack.net [212.1.112.1])
	by mx1.FreeBSD.org (Postfix) with SMTP id D391243D2D
	for <freebsd-questions@freebsd.org>;
	Sun, 14 Dec 2003 23:27:54 -0800 (PST)
	(envelope-from alexovch@ns.kharkov.ukrpack.net)
Received: (qmail 84430 invoked by uid 1001); 15 Dec 2003 07:28:11 -0000
From: Aleksey Ovcharenko <alexovch@ic.kharkov.ua>
To: freebsd-questions@freebsd.org
Date: Mon, 15 Dec 2003 09:28:11 +0200
User-Agent: KMail/1.5.3
MIME-Version: 1.0
Content-Type: text/plain;
  charset="koi8-r"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200312150928.11605.alexovch@ic.kharkov.ua>
Subject: ppp filters don't work
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: alexovch@ic.kharkov.ua
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Dec 2003 07:27:57 -0000

Hi, all!

I have a troubles trying to setup ppp fitlers.

I compiled kernel include following lines:

pseudo-device   ppp     10      #Point-to-point protocol
options         PPP_BSDCOMP     #PPP BSD-compress support
options         PPP_DEFLATE     #PPP zlib/deflate/gzip support
options         PPP_FILTER      #enable bpf filtering (needs bpf)

options         IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
options         IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
options         IPFIREWALL_FORWARD      #enable transparent proxy support
options         IPFW2                   # enable ipfw2

Create section like

test:
 set filter out 0 permit 0 0
 set filter in  0 permit 0 0

in /etc/ppp/ppp.linkup.

After connection established I can see message set filter in ppp.log and using 
pppctl show me same rules active.

But they don't work. The only ipfw rules.

I setup nat via ipfw add divert natd ...
If I enable connection by ipfw it works fine, ppp filter seems to be ignored.

I'll glad to see any suggestion, please.

-- 
Sincerely Yours, Aleksey Ovcharenko