Date: Wed, 31 Jan 2001 11:48:44 -0800 (PST) From: Mikko Tyolajarvi <mikko@dynas.se> To: freebsd-questions@freebsd.org Subject: Re: ppp packet filtering Message-ID: <200101311948.f0VJmit58837@explorer.rsa.com> References: <200101311936.f0VJa0s58753@explorer.rsa.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In local.freebsd.questions I write:
>In local.freebsd.questions you write:
>>Greetings,
>>I use userland ppp with the -auto and -nat flags. This is a
>>good combo for me. I want to do some packet filtering for
>>security reasons, and wondered if the packet filtering that
>>you can do with rules in the ppp.conf is good ? The
>It goes a long way if you just want to block unwanted traffic and do
>NAT. The only thing I can think of that I miss is the ability to
>filter ICMP packet types.
Following up to myself: just had a look at the source code, and it
looks like ICMP types can be matched using the, perhaps slightly
bogus, syntax "icmp src eq TYPE".
$.02,
/Mikko
--
Mikko Työläjärvi_______________________________________mikko@rsasecurity.com
RSA Security
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101311948.f0VJmit58837>