From owner-freebsd-pf@FreeBSD.ORG  Thu Nov 30 16:27:14 2006
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 8A86016A618
	for <freebsd-pf@freebsd.org>; Thu, 30 Nov 2006 16:27:14 +0000 (UTC)
	(envelope-from dhartmei@insomnia.benzedrine.cx)
Received: from insomnia.benzedrine.cx (insomnia.benzedrine.cx [62.65.145.30])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 704BD443FE
	for <freebsd-pf@freebsd.org>; Thu, 30 Nov 2006 16:21:06 +0000 (GMT)
	(envelope-from dhartmei@insomnia.benzedrine.cx)
Received: from insomnia.benzedrine.cx (dhartmei@localhost [127.0.0.1])
	by insomnia.benzedrine.cx (8.13.4/8.13.4) with ESMTP id kAUGKmI3011774
	(version=TLSv1/SSLv3 cipher=DHE-DSS-AES256-SHA bits=256 verify=NO);
	Thu, 30 Nov 2006 17:20:48 +0100 (MET)
Received: (from dhartmei@localhost)
	by insomnia.benzedrine.cx (8.13.4/8.12.10/Submit) id kAUGKmtV015572;
	Thu, 30 Nov 2006 17:20:48 +0100 (MET)
Date: Thu, 30 Nov 2006 17:20:48 +0100
From: Daniel Hartmeier <daniel@benzedrine.cx>
To: Gilberto Villani Brito <linux@giboia.org>
Message-ID: <20061130162048.GB31746@insomnia.benzedrine.cx>
References: <62972.217.12.197.82.1164883946.squirrel@sigma.interami.com>
	<6e6841490611300512t73dca3ddt106d58a3e63bc1f1@mail.gmail.com>
	<55273.217.12.197.82.1164898183.squirrel@sigma.interami.com>
	<6e6841490611300803y577338adqf52918ef13ca7605@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <6e6841490611300803y577338adqf52918ef13ca7605@mail.gmail.com>
User-Agent: Mutt/1.5.10i
Cc: FreeBSD <freebsd-pf@freebsd.org>
Subject: Re: PF-NAT
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Nov 2006 16:27:14 -0000

On Thu, Nov 30, 2006 at 02:03:57PM -0200, Gilberto Villani Brito wrote:

> Try change this options.

None of those will help if you really want two concurrent PPTP
connections to the same external peer.

pf doesn't look into the payload of PPTP packets and hence can't decide
which internal peer to dispatch incoming replies from the one external
peer to (there are no port numbers helping there, like in TCP).

You can try a userland PPTP proxy, like

  http://freshmeat.net/projects/frickin/

There are no plans to integrate PPTP proxy support into pf. While
libalias_pptp and ng_nat look potentially helpful, you'd have to write
that patch yourself, or find a developer that is using PPTP (not me ;)

Daniel