ppp idle timer
Karl Juchen
karl.juchen at gmx.de
Sun Jan 4 03:32:13 PST 2004
Hi!
fbsd_user wrote:
> I have been reading this list for 4 years and your post is the first
> on any body trying to use 'user ppp' filter rules.
> I read about them when I setup my own user ppp dial out to ISP over
> voice phone modem, tried to use them, but they have no way to verify
> the rules are working, and iirc no logging function.
There is a logging facility 'Filter' that allows basic logging, but for my
problem
that's not very important, I think. I check the idle timer with:
set server +3000 mypasswd
pppctl 3000
show bundle
That's probably not the best solution, but it works.
> Here's my advice, you are better off with ipfilter firewall which is
> delivered as part of the FBSD core system. IPFW is massive overkill
> in most cases.
>
> More information on IPF can be found here.
> http://www.obfuscation.org/ipf/ipf-howto.html#TOC_1
>
> http://coombs.anu.edu.au/~avalon/ip-filter.html
Thanks, first of all. Of course I do not want to do real packet-filtering
with ppp, but just control the idle timer. Example:
Somebody sends icmp echo-requests to my box. Even if my box doesn't
give any replies, the incoming packets will keep up my dial-on-demand
connection.
That's what I want to suppress with my ppp filter rules. The problem
occurs very frequently with p2p-network requests, that belong to the
former owner of my dynamic ip address...
I can't imagine I'm the only one, who has such a kind of problem.
Unfortunately, I couldn't find out how to control ppp idle timer with IPF,
is it really possible?
I'm grateful for any solution.
Regards,
Karl
--
+++ GMX - die erste Adresse für Mail, Message, More +++
Neu: Preissenkung für MMS und FreeMMS! http://www.gmx.net
More information about the freebsd-questions
mailing list