Re: PPP Routing

["Miguel Angel Amador L." <amador@puc.cl>]

create the rules for each interface... and applied ppp+ for rules in all
ppp's interfaces,
the rules work when de interfaces are up , in the other case, the rules not
work if the interfaces not exist.

in other Words... Read the How To Filter Packet  (netfilter.samba.org)


Att.
  /===/  Miguel Angel Amador L.  /====/
"la vida me sonrie, o se estara riendo de mi? "

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM d- s:+ a- C++++ UL+++ P- L+++ E--- W+++ N++ o K- w++
O- M- V- PS+ PE++ Y PGP- t 5 X+++ R !tv b+ DI- D
G++ e- h* r- y*
------END GEEK CODE BLOCK------

----- Original Message -----
From: "Willi Dyck" <wdyck@gmx.net>
To: <netfilter@lists.netfilter.org>
Sent: Wednesday, February 26, 2003 7:56 PM
Subject: Re: PPP Routing


> On Wed, Feb 26, 2003 at 10:59:38AM -0700, Tom Smith wrote:
> > RedHat 7.3 Kernel 2.4.9-31
> > iptables 1.2.5
> >
> > I have a working Firewall/VPN. Problem is that I need to create a
> > seperate set of rules for each ppp# connection. For example, ppp0's
> > ruleset would be:
> >
> > $IPTABLES -A INPUT -i ppp0 -s $INTNET -d $INTNET -j ACCEPT
> > $IPTABLES -A OUTPUT -o ppp0 -s $INTNET -d $INTNET -j ACCEPT
> > $IPTABLES -A FORWARD -i ppp0 -d $INTNET -j ACCEPT
> > $IPTABLES -A FORWARD -o ppp0 -d $INTNET -j ACCEPT
> >
> > Is there a way to dynamically create the ppp# as new connections come
> > and go?
>
> You might try 'ppp+' instead of 'ppp0'. Although it might not be what
> you want, since it will not be loaded dynamically, but it will match
> dynamically for all ppp# interfaces. See the netfilter docs for further
> info. Hope that helps.
>
> Gruß/Regards -- Willi
>
> --
> A Microsoft Certified System Engineer is to information technology as a
> McDonalds Certified Food Specialist is to the culinary arts.
>         Michael Bacarella commenting on the limited value of
certification.
>
>