Re: Specifying the interface name on pppoe connection

To: debian-firewall@lists.debian.org
Subject: Re: Specifying the interface name on pppoe connection
From: Phil Dyer <phil.dyer@cox.net>
Date: Fri, 13 May 2005 06:51:41 -0400
Message-id: <[🔎] 428486BD.2050001@cox.net>
In-reply-to: <[🔎] 1115969527.9949.23.camel@ghent.office.linsec.com.au>
References: <[🔎] 1115969527.9949.23.camel@ghent.office.linsec.com.au>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Shane Machon said:
> 
> I suspect my only way around this is to change the interface name of the
> pppoe link from ppp0 to something else like extif, then i can build
> rules specific to that interface knowing that will always be the
> external connection.
> 
> Anyone know how if there is a switch in pppoe to set a specific
> interface name? Is there another solution (and no, i cant run IPSEC, as
> much as i'd like to :P).

When giving out an ip address range for pptp connections, you could
specify a separate subnet and create rules for that.

$FW -A FORWARD -i ppp+ -s $PPTP_NET -j ACCEPT/REJECT/WHATEVER

and for your pppoe connection use ! $PPTP_NET ...

$FW -A FORWARD -i ppp+ -s ! $PPTP_NET -j ACCEPT/REJECT/WHATEVER

- --

/phil


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)

iD8DBQFChIa9Gbd/rBLcaFwRAvoEAJ9KNGHP06QLAKoKrEPv7J+Rw7rOPgCfTue4
twnmLr44VI0OOCRcGu1hdtc=
=B0rL
-----END PGP SIGNATURE-----

Reply to:

References:
- Specifying the interface name on pppoe connection
  - From: Shane Machon <shane@linsec.com.au>

Prev by Date: Specifying the interface name on pppoe connection
Next by Date: SSh Tunnel Over Squid
Previous by thread: Specifying the interface name on pppoe connection
Next by thread: SSh Tunnel Over Squid
Index(es):
- Date
- Thread