Date: Wed, 31 Jan 2001 22:08:08 +0100 From: Cliff Sarginson <cliff@raggedclown.net> To: Josh Paetzel <jpaetzel@hutchtel.net> Cc: darryl@osborne-ind.com, freebsd-questions@FreeBSD.ORG Subject: Re: ppp packet filtering Message-ID: <20010131220808.A1156@raggedclown.net> In-Reply-To: <001c01c08b9f$14a9b0e0$6100000a@vladsempire.net>; from jpaetzel@hutchtel.net on Wed, Jan 31, 2001 at 10:01:01AM -0600 References: <E14NzFf-000NA1-00@post.mail.nl.demon.net> <001c01c08b9f$14a9b0e0$6100000a@vladsempire.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 31, 2001 at 10:01:01AM -0600, Josh Paetzel wrote: > > ----- Original Message ----- > From: "Cliff Sarginson" <cliff@raggedclown.net> > To: <darryl@osborne-ind.com>; <freebsd-questions@FreeBSD.ORG> > Sent: Wednesday, January 31, 2001 9:32 AM > Subject: Re: ppp packet filtering > > > > I hope you get an answer to this. I have asked several times > > on this list for an expert to give some summary of the mystifying > > number of combinations available for PPP, filters, ipfw, Nat here, Nat > > there nat everywhere. And the documentation available is contradictory. > > > > I am sure someone out there knows. Pure NAT questions get answered, > > but mention PPP .. and silence reigns .. lol. > > > > Cliff > > > > > Greetings, > > > I use userland ppp with the -auto and -nat flags. This is a > > > good combo for me. I want to do some packet filtering for > > > security reasons, and wondered if the packet filtering that > > > you can do with rules in the ppp.conf is good ? The > > > tutorials I've seen start off by configuring NAT on the system > > > then using one of the system filtering programs to do the > > > job. Seems like overkill if ppp can do the job. > > > > > > thanks for the input, > > > Darryl > > PPP packet filtering is really the only way that I know of to filter > when you have a dynamic IP and dialup. The man page for PPP... <snip> The input is great, thanks! I was not really complaining about the PPP pages, what I think is not really clear is not the rule-set etc, but *what* to use. Nat withing ppp, so to speak is suggested in some places, nat seperately in others. Rulesets as ppp filters in one place, ipfw in others..and doubtless combinations in between ! Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010131220808.A1156>