From owner-freebsd-questions Sat Aug 19 12: 2:43 2000
Date: Sat, 19 Aug 2000 21:02:37 +0200
From: Thomas Bader
To: freebsd-questions@freebsd.org
Subject: User ppp/firewall on 4.1-RELEASE
Message-ID: <20000819210237.A2327@trash.net>

Hi!

I have a box running FreeBSD 4.1-RELEASE. There I set up
/etc/ppp/ppp.conf and I get a connection to both my ISPs.

Now I'd like to protect some services on my machine (for
example SMTP) from the outside. So, I put this in my
ppp.conf:

---
	# Some rules for incoming packets
	set filter in 0 deny 0/0 MYADDR tcp dst eq 22		# Secure Shell
	set filter in 1 deny 0/0 MYADDR udp dst eq 22		# Secure Shell
	set filter in 2 deny 0/0 MYADDR tcp dst eq 25		# Simple Mail Transport Protocol
	set filter in 3 deny 0/0 MYADDR udp dst eq 25		# Simple Mail Transport Protocol
	set filter in 4 deny 0/0 MYADDR tcp dst eq 23		# Telnet
	set filter in 5 deny 0/0 MYADDR udp dst eq 23		# Telnet
	set filter in 6 permit 0/0 MYADDR 0 0
---

But I just get something like this:

---
Warning: ParseUdpOrTcp: bad src/dst port syntax:
Warning: ParseIcmp: bad icmp syntax.
Warning: ParseUdpOrTcp: bad src/dst port syntax:
Warning: Parse: 0: Invalid protocol
---

What am I doing wrong? I'm sure that my syntax is according
to the manpage of ppp.

Still, I have a second question: Is there a possibility to make
ppp write the entire chat-script to the logfiles? I'd like
to verify which phone number gets dialed in the ATD command.

BTW: Please cc me as I'm not subscribed to the list.

Thomas

-- 
 .-.   Thomas Bader · thomasb@trash.net.remove · http://www.t-bader.ch/   .-.
 oo|                                                                      oo|
/`'\   You can get a Unix shell account at http://www.trash.net/         /`'\
(\_;/) PGP Key-ID: 0x3A4B7F5D (RSA) 0x7584F5D8 (DSA/EG)                 (\_;/)