Date: Sat, 18 Apr 1998 19:05:54 -0300 From: Capriotti <capriotti@geocities.com> To: freebsd-questions@FreeBSD.ORG Subject: PPP filtering Message-ID: <3.0.32.19691231210000.00a22e30@pop.mpc.com.br>
next in thread | raw e-mail | index | archive | help
Hi, all. Calling PPP automatically, at boot up is solved and I intend to make a step-by-step explanation soon. As soon as I can solve this next problem: When I boot the machine, for soome reason, it starts dialing and wants to stabilish a connection, w/o any requisition, aparently. I read the man pages, the ppp.conf.filter.sample, but I couldn't get it to work right. I would apreciate any help. Additionally, I am trying to figure out how to deny access for users whose IP address (in the LAN. Not valid one for the Internet) are : 150.150.150.152 150.150.150.155 to 150.150.150.162 Again, reading the man pages was not all thet clatifying. Where could I find some more examples/texts to understand filtering ? Thank you. [my ppp.conf] default: set device /dev/cuaa1 set speed 115200 disable pred1 deny pred1 disable lqr deny lqr set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATE1Q0M0L0 OK-AT-OK \\dATDP\\T TIMEOUT 40 CONNECT" set redial 5 10 set log Phase Chat Connect Carrier hdlc LCP IPCP CCp tun ################# # ################# mp: set phone 2345678 set login "TIMEOUT 15 blablabla" set authname loginname set authkey passwrd set timeout 600 set openmode active set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 # filtering taken from ppp.conf.filter.sample and slighly changed # Don't keep Alive with ICMP,DNS and RIP packets # set afilter 0 deny icmp set afilter 1 deny udp src eq 53 set afilter 2 deny udp dst eq 53 set afilter 3 deny udp src eq 520 set afilter 4 deny udp dst eq 520 set afilter 5 permit 0/0 0/0 # # Don't let ICMP packets cause us to dial # set dfilter 0 deny icmp set dfilter 1 permit 0/0 0/0 # # Allow ident packets to pass through # set ifilter 0 permit tcp dst eq 113 set ofilter 0 permit tcp src eq 113 # # Deny telnet connections to the Internet # set ifilter 1 deny tcp src eq 23 estab set ofilter 1 deny tcp dst eq 23 ########################################## end filtering delete ALL add 0 0 HISADDR # #### To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.19691231210000.00a22e30>