[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] pptp block rule?
 Date:  Mon, 23 Aug 2004 20:33:11 -0700 (PDT)
On Mon, 23 Aug 2004, Edwin wrote:

> I want to only allow centain ip-adresses to make a pptp connection to
> my monowall, but this doesnot seem to work. Even if i block all
> traffic to my wan interface, with pptp server enabled i can get a pptp
> connection anyway!
> Is it possible to restrict this in some way (block 1723, gre, tried it
> all......)

Currently no, since it automatically adds pass rules for TCP 1723 and GRE
when the PPTP server or PPTP redirect is enabled.  Though oddly enough,
when I just tried enabling the PPTP server for testing, the pass rules
specified the localhost address as the destination.

It might make sense to have an option to disable the automatic PPTP rules
for this reason.

					Fred Wright