Date: Sat, 19 Aug 2000 21:02:37 +0200 From: Thomas Bader <thomas@t-bader.ch> To: freebsd-questions@freebsd.org Subject: User ppp/firewall on 4.1-RELEASE Message-ID: <20000819210237.A2327@trash.net>
next in thread | raw e-mail | index | archive | help
Hi! I have a box running FreeBSD 4.1-RELEASE. There I set up=20 /etc/ppp/ppp.conf and I get a connection to both my ISPs. Now I'd like to protect some services on my machine (for=20 example SMTP) from the outside. So, I put this in my=20 ppp.conf: --- =BB=B7=B7=B7=B7=B7=B7=B7# Some rules for incoming packets =BB=B7=B7=B7=B7=B7=B7=B7set filter in 0 deny 0/0 MYADDR tcp dst eq 22=BB=B7= =B7=BB=B7=B7=B7=B7=B7=B7=B7# Secure Shell =BB=B7=B7=B7=B7=B7=B7=B7set filter in 1 deny 0/0 MYADDR udp dst eq 22=BB=B7= =B7=BB=B7=B7=B7=B7=B7=B7=B7# Secure Shell =BB=B7=B7=B7=B7=B7=B7=B7set filter in 2 deny 0/0 MYADDR tcp dst eq 25=BB=B7= =B7=BB=B7=B7=B7=B7=B7=B7=B7# Simple Mail Transport Protocol =BB=B7=B7=B7=B7=B7=B7=B7set filter in 3 deny 0/0 MYADDR udp dst eq 25=BB=B7= =B7=BB=B7=B7=B7=B7=B7=B7=B7# Simple Mail Transport Protocol =BB=B7=B7=B7=B7=B7=B7=B7set filter in 4 deny 0/0 MYADDR tcp dst eq 23=BB=B7= =B7=BB=B7=B7=B7=B7=B7=B7=B7# Telnet =BB=B7=B7=B7=B7=B7=B7=B7set filter in 5 deny 0/0 MYADDR udp dst eq 23=BB=B7= =B7=BB=B7=B7=B7=B7=B7=B7=B7# Telnet =BB=B7=B7=B7=B7=B7=B7=B7set filter in 6 permit 0/0 MYADDR 0 0 --- But I just get something like this: --- Warning: ParseUdpOrTcp: bad src/dst port syntax: Warning: ParseIcmp: bad icmp syntax. Warning: ParseUdpOrTcp: bad src/dst port syntax: Warning: Parse: 0: Invalid protocol --- What I'm doing wrong? I'm sure, that my syntax is according to the manpage of ppp. Still, I have second question: Is there a possibility to make ppp write the entiry chat-script to the logfiles? I'd like to verify, which phone number gets dialed in the ATD command. BTW: Please cc me as I'm not subscribed to the list. Thomas --=20 .-. Thomas Bader =B7 thomasb@trash.net.remove =B7 http://www.t-bader.ch= / .-. oo| o= o| /`'\ Einen Unix-Shellaccount gibt es unter http://www.trash.net/ /`= '\ (\_;/) PGP Key-ID: 0x3A4B7F5D (RSA) 0x7584F5D8 (DSA/EG) (\_= ;/) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000819210237.A2327>