From owner-freebsd-questions  Sun Dec 21 06:21:15 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id GAA04060
          for questions-outgoing; Sun, 21 Dec 1997 06:21:15 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from ptero.ag.com.br (agsist.centroin.com.br [200.225.60.1])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id GAA04055
          for <questions@FreeBSD.ORG>; Sun, 21 Dec 1997 06:21:09 -0800 (PST)
          (envelope-from ricardag@ag.com.br)
Received: from server01 (du-rjo-88b.centroin.com.br [200.225.57.88]) by ptero.ag.com.br (8.8.5/8.7.3) with SMTP id MAA23209 for <questions@FreeBSD.ORG>; Sun, 21 Dec 1997 12:21:02 -0200 (EDT)
Message-Id: <3.0.32.19971221122142.00973a70@ptero.ag.com.br>
X-Sender: ricardag@ptero.ag.com.br
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Sun, 21 Dec 1997 12:21:50 -0200
To: questions@FreeBSD.ORG
From: Ricardo AG Almeida <ricardag@ag.com.br>
Subject: pppd question
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Hi,

I own some FreeBSD boxes, and one of them have 3 leased lines connecting
remote machines via ppp. I had set up pppd in /etc/ttys (cuaa2
"/usr/sbin/pppd -detach 57600" dial up on, for instance), and it's working
fine.

But now I have to set up firewall rules, to deny specifics services to some
of these remote machines. I had successfully compiled a new kernel, with
the firewall options, and applied the rules. That also works fine.

The problem i'm facing is that when the machine boots up, the remote boxes
connects into the pppN interfaces in a "first come, first served" basis.
So, the first remote box that connects grabs the ppp0, the second ppp1 and
so on. Clearly, that's a mess with ipfw rules like:

   ipfw add 1001 deny tcp from 10.0.123.0/24 to any 21 via ppp0

since I can't grant that the 10.0.123 net is always connected via ppp0.

Is there any way to force pppd use a specific interface (pppN)? In other
words, I wish that the cuaa2 line always uses the ppp0 interface, the cuaa3
uses the ppp1, in a way that the connect order doesn't matter. Is it possible?



Best regards,

   Ricardo A G Almeida
   AG SISTEMAS
   http://www.ag.com.br