Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 19 Apr 1998 16:59:07 -0500
From:      "Jonathan E. Lyons" <parrothd@midwest.net>
To:        Brian Somers <brian@Awfulhak.org>, Capriotti <capriotti@geocities.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: HELP with PPP and filetring, please ! 
Message-ID:  <3.0.5.32.19980419165907.00913c50@midwest.net>
In-Reply-To: <199804191846.TAA28974@awfulhak.org>
References:  <Your message of "Sun, 19 Apr 1998 13:59:52 -0300."             <3.0.32.19980419135439.00a4c890@pop.mpc.com.br>

next in thread | previous in thread | raw e-mail | index | archive | help


Add this to your ppp.conf file, be sure to change the IP adress, you can look at the examples in /etc/ppp/ppp.conf for dynamic IP adress.....



		gateway IP 	Your IP

 set ifaddr 209.60.4.1/0 209.60.6.59/0 255.255.255.0

 add 0 0 209.60.6.59


Later//

At 07:46 PM 4/19/98 +0100, Brian Somers wrote:

>Is this with the latest ppp ?  If not, get the latest from 

>http://www.FreeBSD.org/~brian, otherwise you could try enabling 

>command logging (set log +command) to see what's actually being 

>executed.  It looks as if the ``set ifaddr'' isn't being seen.

>



>> 

>> 

>> 

>> My ppp.conf is as follows:

>> 

>> 

>> default:

>>  set device /dev/cuaa1

>>  set speed 115200

>>  disable pred1

>>  deny pred1

>>  disable lqr

>>  deny lqr

>>  set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATE1Q0M0L0 OK-AT-OK

>>  \\dATDP\\T TIMEOUT 40 CONNECT"

>>  set redial 5 10

>>  set log Phase Chat Connect Carrier hdlc LCP IPCP CCp tun

>> #################

>> #

>> #################

>> mp:

>> 

>> #### Set FILTERing

>> 

>> # Don't keep Alive with ICMP,DNS and RIP packets

>> #

>> # set afilter 0 deny icmp

>> # set afilter 1 deny udp src eq 53

>> # set afilter 2 deny udp dst eq 53

>> # set afilter 3 deny udp src eq 520

>> # set afilter 4 deny udp dst eq 520

>> # set afilter 5 permit 0/0 0/0

>> #

>> # Don't let ICMP packets cause us to dial

>> #

>> # set dfilter 0 deny icmp

>> # set dfilter 1 permit 0/0 0/0

>> #

>> #

>> # Allow ident packets to pass through

>> #

>> # set ifilter 0 permit tcp dst eq 113

>> # set ofilter 0 permit tcp src eq 113

>> #

>> # DO NOT Allow telnet connections to the Internet

>> #

>> # set ifilter 1 deny tcp src eq 23 estab

>> # set ofilter 1 deny tcp dst eq 23

>> #

>> # Allow ftp access to the Internet

>> #

>> # set ifilter 2 permit tcp src eq 21 estab

>> # set ofilter 2 permit tcp dst eq 21

>> # set ifilter 3 permit tcp src eq 20 dst gt 1023 

>> # set ofilter 3 permit tcp dst eq 20

>> #

>> # Allow access to any DNS

>> #

>> # set ifilter 4 permit udp src eq 53

>> # set ofilter 4 permit udp dst eq 53

>> #

>> # DO NOT Allow access from/to my company network

>> #

>> # set ifilter 5 deny 192.244.191.0/24 0/0

>> # set ofilter 5 deny 0/0 192.244.191.0/24

>> #

>> # Allow ping and traceroute response

>> #

>> # set ifilter 6 permit icmp

>> # set ofilter 6 permit icmp

>> # set ifilter 7 permit udp dst gt 33433

>> # set ofilter 7 permit udp dst gt 33433

>> #

>> # Deny dialing for some stupid reasons like DNS LOOKUP, according to

>> # http://www.FreeBSD.org/FAQ/FAQ142.html#142

>> #

>> # set dfilter 2 deny udp src eq 53

>> # set dfilter 3 deny udp dst eq 53

>> # set dfilter 4 permit 0/0 0/0

>> #

>> # Set log on for trafic. I just don't know where should I find the log file.

>> #

>> #  set log +tcp/ip

>> #

>> 

>> #### End set filtering

>> 

>> 

>>  set phone 2541855

>>  set login "TIMEOUT 15 blablabla" 

>>  set authname loginname

>>  set authkey passwd

>>  set timeout 600

>>  set openmode active

>>  set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0

>>  delete ALL

>>  add 0 0 HISADDR

>> #

>> ####

>> 

>> To Unsubscribe: send mail to majordomo@FreeBSD.org

>> with "unsubscribe freebsd-questions" in the body of the message

>

>

>

>To Unsubscribe: send mail to majordomo@FreeBSD.org

>with "unsubscribe freebsd-questions" in the body of the message

>

>




<smaller>The beer is too cold, the daiquiris too fruitful, there's no
place like home!

Jimmy Buffett "The weather is here, Wish you were beautiful"


Jon Lyons

parrothd@midwest.net

87 HONDA VFR700

http://cplkagan.dyn.ml.org/</smaller>;

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19980419165907.00913c50>