From owner-freebsd-net Sun Feb 11 18:33:24 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id 13EC837B401 for ; Sun, 11 Feb 2001 18:33:23 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id SAA85323; Sun, 11 Feb 2001 18:33:22 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.9.3/8.9.3) id SAA68980; Sun, 11 Feb 2001 18:33:20 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200102120233.SAA68980@curve.dellroad.org> Subject: Re: pptp (mpd-netgraph) through a firewall In-Reply-To: "from Dan Larsson at Feb 9, 2001 12:30:39 pm" To: Dan Larsson Date: Sun, 11 Feb 2001 18:33:20 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dan Larsson writes: > Are the following ipfw lines sufficent to allow pptp?: > > ${fwcmd} add pass tcp from any to any established > ${fwcmd} add pass tcp from any to ${EXT_IF} pptp setup > ${fwcmd} add pass gre from any to any Yes, should be. In any case you can always tell if it's not by using "ipfw log" rules. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message