Re: PPTP NAT support with Debian Woody

To: debian-firewall@lists.debian.org
Subject: Re: PPTP NAT support with Debian Woody
From: Daniel Pittman <daniel@rimspace.net>
Date: Wed, 15 Sep 2004 12:45:43 +1000
Message-id: <[🔎] 874qm0gsh4.fsf@enki.rimspace.net>
References: <[🔎] 9E9AC52457FA1D4FAA7C2572EBBD260F349E72@dchardtec.hardtec.com.ar>

On 14 Sep 2004, Federico Lazcano wrote:
> I'm proudly using Debian Woody on my router/firewall, but now I need
> support for natting PPTP connections from inside my network to
> exterior PPTP VPN Servers.

Ack. I hope that you, and the owner of that server, are aware that PPtP
provides very weak security for the connection.

> That's OK, I patched the kernel source with the patch-o-matic included
> in iptables-1.2.6a (source package), and I want to compile a build the
> iptables package in reference to this patched kernel.
>
> Which one is the most elegant way to do it?
>
> I'll try to recompile iptables from the Debian sources and build the
> package in reference to the patched kernel source.
>
> Any better idea?

No, what you are talking about is the best option.

Don't forget to increase the version number of the iptables package when
you build it locally, since apt will overwrite it with the upstream
version otherwise.

Also, you may look at the `apt-build' and `apt-src' packages, which are
aimed at managing this sort of thing.  I never had great luck with them,
though, and chose to do things manually.

Regards,
        Daniel
-- 
If a joke is worth telling, it's worth telling once.
        -- Ollie MacNoonan

Reply to:

References:
- PPTP NAT support with Debian Woody
  - From: "Federico Lazcano" <flazcano@hardtec.com.ar>

Prev by Date: Re: Connection states information tables
Next by Date: Re: Account
Previous by thread: PPTP NAT support with Debian Woody
Next by thread: Connection states information tables
Index(es):
- Date
- Thread