Date: Wed, 31 Jan 2001 11:36:00 -0800 (PST) From: Mikko Tyolajarvi <mikko@dynas.se> To: darryl@osborne-ind.com Cc: freebsd-questions@freebsd.org Subject: Re: ppp packet filtering Message-ID: <200101311936.f0VJa0s58753@explorer.rsa.com> References: <003501c08b9a$c3c9f170$0701a8c0@darryl>
next in thread | previous in thread | raw e-mail | index | archive | help
In local.freebsd.questions you write: >Greetings, >I use userland ppp with the -auto and -nat flags. This is a >good combo for me. I want to do some packet filtering for >security reasons, and wondered if the packet filtering that >you can do with rules in the ppp.conf is good ? The It goes a long way if you just want to block unwanted traffic and do NAT. The only thing I can think of that I miss is the ability to filter ICMP packet types. >tutorials I've seen start off by configuring NAT on the system >then using one of the system filtering programs to do the >job. Seems like overkill if ppp can do the job. Indeed. Have you had a look at /usr/share/examples/ppp/ppp.conf.sample? It contains sample configurations for pretty much anything you may want to do. And the ppp(8) man page has loads of information too. $.02, /Mikko -- Mikko Työläjärvi_______________________________________mikko@rsasecurity.com RSA Security To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101311936.f0VJa0s58753>