Date:      Sat, 19 Aug 2000 21:02:37 +0200
From:      Thomas Bader <thomas@t-bader.ch>
To:        freebsd-questions@freebsd.org
Subject:   User ppp/firewall on 4.1-RELEASE
Message-ID:  <20000819210237.A2327@trash.net>

Hi!

I have a box running FreeBSD 4.1-RELEASE.  There I set up
/etc/ppp/ppp.conf and I get a connection to both my ISPs.
Now I'd like to protect some services on my machine (for
example SMTP) from the outside.  So, I put this in my
ppp.conf:

---
 # Some rules for incoming packets
 set filter in 0 deny 0/0 MYADDR tcp dst eq 22    # Secure Shell
 set filter in 1 deny 0/0 MYADDR udp dst eq 22    # Secure Shell
 set filter in 2 deny 0/0 MYADDR tcp dst eq 25    # Simple Mail Transport Protocol
 set filter in 3 deny 0/0 MYADDR udp dst eq 25    # Simple Mail Transport Protocol
 set filter in 4 deny 0/0 MYADDR tcp dst eq 23    # Telnet
 set filter in 5 deny 0/0 MYADDR udp dst eq 23    # Telnet
 set filter in 6 permit 0/0 MYADDR 0 0
---

But I just get something like this:

---
Warning: ParseUdpOrTcp: bad src/dst port syntax:
Warning: ParseIcmp: bad icmp syntax.
Warning: ParseUdpOrTcp: bad src/dst port syntax:
Warning: Parse: 0: Invalid protocol
---

What am I doing wrong?  I'm sure that my syntax is according
to the manpage of ppp.

Still, I have a second question:  Is there a possibility to
make ppp write the entire chat-script to the logfiles?  I'd
like to verify which phone number gets dialed in the ATD
command.

BTW:  Please cc me as I'm not subscribed to the list.

Thomas
-- 
  .-.   Thomas Bader · thomasb@trash.net.remove · http://www.t-bader.ch/  .-.
  oo|                                                                     oo|
 /`'\   A Unix shell account is available at http://www.trash.net/       /`'\
(\_;/)       PGP Key-ID: 0x3A4B7F5D (RSA)  0x7584F5D8 (DSA/EG)          (\_;/)

