On Mon, 23 Aug 2004, Edwin wrote:
> I want to only allow centain ip-adresses to make a pptp connection to
> my monowall, but this doesnot seem to work. Even if i block all
> traffic to my wan interface, with pptp server enabled i can get a pptp
> connection anyway!
> Is it possible to restrict this in some way (block 1723, gre, tried it
Currently no, since it automatically adds pass rules for TCP 1723 and GRE
when the PPTP server or PPTP redirect is enabled. Though oddly enough,
when I just tried enabling the PPTP server for testing, the pass rules
specified the localhost address as the destination.
It might make sense to have an option to disable the automatic PPTP rules
for this reason.