Hi,

that's strange, I checked the status.php and my ipfstat -nio looks like 
this:

@1 pass in quick proto gre from any to x.y.233.10/32 keep state group 200
@2 pass in quick proto tcp from any to x.y.233.10/32 port = 1723 keep 
state group 200
@3 pass in log first quick proto tcp from any to x.y.240.1/32 port = 
1723 keep state group 200


The network x.y.233.10/3 (@1, @2) is not my network, but somehow 
monowall added a rule for this network (instead for my network), the 
rule @3 (x.y.240.1) is the rule I added so that I can use PPTP. Again, I 
just did a upgrade, it's the same config (I added only the rule @3 so 
that I can use PPTP) which worked with the 1.11 version without any 
problems. It looks like a bug in the final version, at least I have no 
clue why monowall is using the wrong network, I never added the network 
x.y.233.10 to monowall because this network comes not even close to my 
network. This explains of course why PPTP is not working right out of 
the box.

Regards,

   JM

PS.: The x.y. is the same number for all 3 rules.


Chris Buechler wrote:
> On 10/16/05, Juergen Moellenhoff <jm at oic dot de> wrote:
> 
>>that's not the rule I mean :-), you refer to the rule for the PPTP
>>interface but I had to add a rule to the WAN interface so that to the
>>port TCP/1723 (PPTP control port) is open for a connection, this was not
>>necessary with the 1.11 version.
> 
> 
> 
> shouldn't be necessary now either.  In my status.php, under ipfstat
> -nio, I have:
> 
> @2 pass in quick proto tcp from any to 12.202.x.x/32 port = 1723 keep
> state group 200
> 
> as an automatically added rule.  right below the automatically added
> rule that allows GRE.  Do you not see that rule on yours?
> 
> -Chris
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>