Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 19 Aug 2000 21:02:37 +0200
From:      Thomas Bader <thomas@t-bader.ch>
To:        freebsd-questions@freebsd.org
Subject:   User ppp/firewall on 4.1-RELEASE
Message-ID:  <20000819210237.A2327@trash.net>
index | next in thread | raw e-mail 

Hi!

I have a box running FreeBSD 4.1-RELEASE.  There I set up 
/etc/ppp/ppp.conf and I get a connection to both my ISPs.
Now I'd like to protect some services on my machine (for 
example SMTP) from the outside.  So, I put this in my 
ppp.conf:

---
»·······# Some rules for incoming packets
»·······set filter in 0 deny 0/0 MYADDR tcp dst eq 22»··»·······# Secure Shell
»·······set filter in 1 deny 0/0 MYADDR udp dst eq 22»··»·······# Secure Shell
»·······set filter in 2 deny 0/0 MYADDR tcp dst eq 25»··»·······# Simple Mail Transport Protocol
»·······set filter in 3 deny 0/0 MYADDR udp dst eq 25»··»·······# Simple Mail Transport Protocol
»·······set filter in 4 deny 0/0 MYADDR tcp dst eq 23»··»·······# Telnet
»·······set filter in 5 deny 0/0 MYADDR udp dst eq 23»··»·······# Telnet
»·······set filter in 6 permit 0/0 MYADDR 0 0
---

But I just get something like this:

---
Warning: ParseUdpOrTcp: bad src/dst port syntax:
Warning: ParseIcmp: bad icmp syntax.
Warning: ParseUdpOrTcp: bad src/dst port syntax:
Warning: Parse: 0: Invalid protocol
---

What I'm doing wrong?  I'm sure, that my syntax is according
to the manpage of ppp.

Still, I have second question:  Is there a possibility to
make ppp write the entiry chat-script to the logfiles?  I'd
like to verify, which phone number gets dialed in the ATD
command.

BTW:  Please cc me as I'm not subscribed to the list.

Thomas
-- 
  .-.   Thomas Bader · thomasb@trash.net.remove · http://www.t-bader.ch/  .-.
  oo|                                                                     oo|
 /`'\     Einen Unix-Shellaccount gibt es unter http://www.trash.net/    /`'\
(\_;/)       PGP Key-ID: 0x3A4B7F5D (RSA)  0x7584F5D8 (DSA/EG)          (\_;/)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000819210237.A2327>