Date: Wed, 31 Jan 2001 11:36:00 -0800 (PST) From: Mikko Tyolajarvi <mikko@dynas.se> To: darryl@osborne-ind.com Cc: freebsd-questions@freebsd.org Subject: Re: ppp packet filtering Message-ID: <200101311936.f0VJa0s58753@explorer.rsa.com> References: <003501c08b9a$c3c9f170$0701a8c0@darryl>
next in thread | previous in thread | raw e-mail | index | archive | help
In local.freebsd.questions you write:
>Greetings,
>I use userland ppp with the -auto and -nat flags. This is a
>good combo for me. I want to do some packet filtering for
>security reasons, and wondered if the packet filtering that
>you can do with rules in the ppp.conf is good ? The
It goes a long way if you just want to block unwanted traffic and do
NAT. The only thing I can think of that I miss is the ability to
filter ICMP packet types.
>tutorials I've seen start off by configuring NAT on the system
>then using one of the system filtering programs to do the
>job. Seems like overkill if ppp can do the job.
Indeed. Have you had a look at /usr/share/examples/ppp/ppp.conf.sample?
It contains sample configurations for pretty much anything you
may want to do. And the ppp(8) man page has loads of information too.
$.02,
/Mikko
--
Mikko Työläjärvi_______________________________________mikko@rsasecurity.com
RSA Security
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101311936.f0VJa0s58753>