From owner-freebsd-net Tue Oct 31 13:19:39 2000 Delivered-To: freebsd-net@freebsd.org Received: from taka.swcp.com (taka.swcp.com [198.59.115.12]) by hub.freebsd.org (Postfix) with ESMTP id 2E1FD37B4C5 for ; Tue, 31 Oct 2000 13:19:37 -0800 (PST) Received: from argotsoft.com (argotsoft.com [198.59.115.127]) by taka.swcp.com (8.10.0.Beta12/8.10.0.Beta12) with ESMTP id e9VLJXr40677; Tue, 31 Oct 2000 14:19:34 -0700 (MST) Received: (from msommer@localhost) by argotsoft.com (8.9.3/8.8.7) id OAA03064; Tue, 31 Oct 2000 14:18:52 -0700 (MST) (envelope-from msommer) From: "Mark J. Sommer" Message-Id: <200010312118.OAA03064@argotsoft.com> Subject: Re: getting mpd-netgraph pptp to work throug ipfw firewall with natd In-Reply-To: <000001c0437b$e1a68940$47010a0a@fire.sysadmininc.com> from Peter Brezny at "Oct 31, 2000 03:48:09 pm" To: peter@sysadmin-inc.com Date: Tue, 31 Oct 2000 14:18:52 -0700 (MST) Cc: freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Here's the lines I have for PPTP in rc.firewall: # Allow connections on pptp. $fwcmd add pass tcp from any 1723 to any 1024-65535 out xmit ${oif} $fwcmd add pass tcp from any 1024-65535 to any 1723 in recv ${oif} $fwcmd add pass 47 from any to any out xmit ${oif} $fwcmd add pass 47 from any to any in recv ${oif} oif=outside interface [Charset iso-8859-1 unsupported, filtering to ASCII...] > A while back someone asked how to get this working and Archie replied... > === > Should work fine.. just make sure you allow TCP port 1723 and > IP proto #47 to reach mpd. > > -Archie > === > could anyone elaborate on this, specifically the ip proto#47 part and/or > share a couple example ipfw rules? > > TIA > > Peter Brezny > SysAdmin Services, Inc. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > ~Mark -------------------------------------------------------------------------------- Mark J. Sommer ARGOT Software Corporation, P.O. Box 92020, Albuquerque, New Mexico 87199-2020 FAX: 505-771-0274 PHONE: 505-867-6750 E-MAIL: msommer@argotsoft.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message