Date: Sun, 4 Jan 2004 12:32:10 +0100 (MET) From: "Karl Juchen" <karl.juchen@gmx.de> To: freebsd-questions@freebsd.org Subject: RE: ppp idle timer Message-ID: <11713.1073215930@www52.gmx.net> References: <MIEPLLIBMLEEABPDBIEGAEAHFDAA.fbsd_user@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi! fbsd_user wrote: > I have been reading this list for 4 years and your post is the first > on any body trying to use 'user ppp' filter rules. > I read about them when I setup my own user ppp dial out to ISP over > voice phone modem, tried to use them, but they have no way to verify > the rules are working, and iirc no logging function. There is a logging facility 'Filter' that allows basic logging, but for my problem that's not very important, I think. I check the idle timer with: set server +3000 mypasswd pppctl 3000 show bundle That's probably not the best solution, but it works. > Here's my advice, you are better off with ipfilter firewall which is > delivered as part of the FBSD core system. IPFW is massive overkill > in most cases. > > More information on IPF can be found here. > http://www.obfuscation.org/ipf/ipf-howto.html#TOC_1 > > http://coombs.anu.edu.au/~avalon/ip-filter.html Thanks, first of all. Of course I do not want to do real packet-filtering with ppp, but just control the idle timer. Example: Somebody sends icmp echo-requests to my box. Even if my box doesn't give any replies, the incoming packets will keep up my dial-on-demand connection. That's what I want to suppress with my ppp filter rules. The problem occurs very frequently with p2p-network requests, that belong to the former owner of my dynamic ip address... I can't imagine I'm the only one, who has such a kind of problem. Unfortunately, I couldn't find out how to control ppp idle timer with IPF, is it really possible? I'm grateful for any solution. Regards, Karl -- +++ GMX - die erste Adresse für Mail, Message, More +++ Neu: Preissenkung für MMS und FreeMMS! http://www.gmx.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11713.1073215930>