From owner-freebsd-questions Sun Apr 19 14:46:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA19762 for freebsd-questions-outgoing; Sun, 19 Apr 1998 14:46:16 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from cplkagan.globaleyes.net (cplkagan.midwest.net [208.235.2.205]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA19683 for ; Sun, 19 Apr 1998 21:45:49 GMT (envelope-from parrothd@midwest.net) Received: from parrothd.houselan.net (parrothd [10.10.0.10]) by cplkagan.globaleyes.net (8.8.7/8.8.5) with SMTP id QAA05916; Sun, 19 Apr 1998 16:44:42 -0500 (CDT) Message-Id: <3.0.5.32.19980419165907.00913c50@midwest.net> X-Sender: parrothd@midwest.net X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Sun, 19 Apr 1998 16:59:07 -0500 To: Brian Somers , Capriotti From: "Jonathan E. Lyons" Subject: Re: HELP with PPP and filetring, please ! Cc: freebsd-questions@FreeBSD.ORG In-Reply-To: <199804191846.TAA28974@awfulhak.org> References: Mime-Version: 1.0 Content-Type: text/enriched; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Add this to your ppp.conf file, be sure to change the IP adress, you can look at the examples in /etc/ppp/ppp.conf for dynamic IP adress..... gateway IP Your IP set ifaddr 209.60.4.1/0 209.60.6.59/0 255.255.255.0 add 0 0 209.60.6.59 Later// At 07:46 PM 4/19/98 +0100, Brian Somers wrote: >Is this with the latest ppp ? If not, get the latest from >http://www.FreeBSD.org/~brian, otherwise you could try enabling >command logging (set log +command) to see what's actually being >executed. It looks as if the ``set ifaddr'' isn't being seen. > >> >> >> >> My ppp.conf is as follows: >> >> >> default: >> set device /dev/cuaa1 >> set speed 115200 >> disable pred1 >> deny pred1 >> disable lqr >> deny lqr >> set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATE1Q0M0L0 OK-AT-OK >> \\dATDP\\T TIMEOUT 40 CONNECT" >> set redial 5 10 >> set log Phase Chat Connect Carrier hdlc LCP IPCP CCp tun >> ################# >> # >> ################# >> mp: >> >> #### Set FILTERing >> >> # Don't keep Alive with ICMP,DNS and RIP packets >> # >> # set afilter 0 deny icmp >> # set afilter 1 deny udp src eq 53 >> # set afilter 2 deny udp dst eq 53 >> # set afilter 3 deny udp src eq 520 >> # set afilter 4 deny udp dst eq 520 >> # set afilter 5 permit 0/0 0/0 >> # >> # Don't let ICMP packets cause us to dial >> # >> # set dfilter 0 deny icmp >> # set dfilter 1 permit 0/0 0/0 >> # >> # >> # Allow ident packets to pass through >> # >> # set ifilter 0 permit tcp dst eq 113 >> # set ofilter 0 permit tcp src eq 113 >> # >> # DO NOT Allow telnet connections to the Internet >> # >> # set ifilter 1 deny tcp src eq 23 estab >> # set ofilter 1 deny tcp dst eq 23 >> # >> # Allow ftp access to the Internet >> # >> # set ifilter 2 permit tcp src eq 21 estab >> # set ofilter 2 permit tcp dst eq 21 >> # set ifilter 3 permit tcp src eq 20 dst gt 1023 >> # set ofilter 3 permit tcp dst eq 20 >> # >> # Allow access to any DNS >> # >> # set ifilter 4 permit udp src eq 53 >> # set ofilter 4 permit udp dst eq 53 >> # >> # DO NOT Allow access from/to my company network >> # >> # set ifilter 5 deny 192.244.191.0/24 0/0 >> # set ofilter 5 deny 0/0 192.244.191.0/24 >> # >> # Allow ping and traceroute response >> # >> # set ifilter 6 permit icmp >> # set ofilter 6 permit icmp >> # set ifilter 7 permit udp dst gt 33433 >> # set ofilter 7 permit udp dst gt 33433 >> # >> # Deny dialing for some stupid reasons like DNS LOOKUP, according to >> # http://www.FreeBSD.org/FAQ/FAQ142.html#142 >> # >> # set dfilter 2 deny udp src eq 53 >> # set dfilter 3 deny udp dst eq 53 >> # set dfilter 4 permit 0/0 0/0 >> # >> # Set log on for trafic. I just don't know where should I find the log file. >> # >> # set log +tcp/ip >> # >> >> #### End set filtering >> >> >> set phone 2541855 >> set login "TIMEOUT 15 blablabla" >> set authname loginname >> set authkey passwd >> set timeout 600 >> set openmode active >> set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 >> delete ALL >> add 0 0 HISADDR >> # >> #### >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > The beer is too cold, the daiquiris too fruitful, there's no place like home! Jimmy Buffett "The weather is here, Wish you were beautiful" Jon Lyons parrothd@midwest.net 87 HONDA VFR700 http://cplkagan.dyn.ml.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message