Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 31 Jan 2001 11:36:00 -0800 (PST)
From:      Mikko Tyolajarvi <mikko@dynas.se>
To:        darryl@osborne-ind.com
Cc:        freebsd-questions@freebsd.org
Subject:   Re: ppp packet filtering
Message-ID:  <200101311936.f0VJa0s58753@explorer.rsa.com>
References:  <003501c08b9a$c3c9f170$0701a8c0@darryl>

next in thread | previous in thread | raw e-mail | index | archive | help
In local.freebsd.questions you write:

>Greetings,
>I use userland ppp with the -auto and -nat flags.  This is a 
>good combo for me.  I want to do some packet filtering for
>security reasons, and wondered if the packet filtering that
>you can do with rules in the ppp.conf is good ?  The 

It goes a long way if you just want to block unwanted traffic and do
NAT.  The only thing I can think of that I miss is the ability to
filter ICMP packet types.

>tutorials I've seen start off by configuring NAT on the system
>then using one of the system filtering programs to do the
>job.  Seems like overkill if ppp can do the job.

Indeed.  Have you had a look at /usr/share/examples/ppp/ppp.conf.sample?
It contains sample configurations for pretty much anything you
may want to do.  And the ppp(8) man page has loads of information too.

    $.02,
    /Mikko
-- 
 Mikko Työläjärvi_______________________________________mikko@rsasecurity.com
 RSA Security


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101311936.f0VJa0s58753>