Correct filter syntax.

This commit is contained in:
Brian Somers 1998-03-17 01:26:52 +00:00
parent eaa4df37f4
commit fd33683210
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/cvs2svn/branches/MP/; revision=34637

View File

@ -4,7 +4,7 @@
#
# Originally written by Toshiharu OHNO
#
# $Id: ppp.conf.sample,v 1.27 1997/12/30 23:34:35 brian Exp $
# $Id: ppp.conf.sample,v 1.28 1997/12/31 03:58:45 brian Exp $
#
#################################################################
@ -188,15 +188,15 @@ dodgy:
#
# If we don't want ICMP and DNS packets to keep the connection alive:
#
set afilter 0 deny icmp
set afilter 1 deny udp src eq 53
set afilter 2 deny udp dst eq 53
set afilter 3 permit 0/0 0/0
set filter alive 0 deny icmp
set filter alive 1 deny udp src eq 53
set filter alive 2 deny udp dst eq 53
set filter alive 3 permit 0/0 0/0
#
# And we don't want ICMPs to cause a dialup:
#
set dfilter 0 deny icmp
set dfilter 1 permit 0/0 0/0
set filter dial 0 deny icmp
set filter dial 1 permit 0/0 0/0
#
# Once the line's up, allow connections for ident (113), telnet (23),
# ftp (20 & 21), DNS (53), my place of work (192.244.191.0/24),
@ -204,22 +204,22 @@ dodgy:
#
# Anything else is blocked by default
#
set ifilter 0 permit tcp dst eq 113
set ofilter 0 permit tcp src eq 113
set ifilter 1 permit tcp src eq 23 estab
set ofilter 1 permit tcp dst eq 23
set ifilter 2 permit tcp src eq 21 estab
set ofilter 2 permit tcp dst eq 21
set ifilter 3 permit tcp src eq 20 dst gt 1023
set ofilter 3 permit tcp dst eq 20
set ifilter 4 permit udp src eq 53
set ofilter 4 permit udp dst eq 53
set ifilter 5 permit 192.244.191.0/24 0/0
set ofilter 5 permit 0/0 192.244.191.0/24
set ifilter 6 permit icmp
set ofilter 6 permit icmp
set ifilter 7 permit udp dst gt 33433
set ofilter 7 permit udp dst gt 33433
set filter in 0 permit tcp dst eq 113
set filter out 0 permit tcp src eq 113
set filter in 1 permit tcp src eq 23 estab
set filter out 1 permit tcp dst eq 23
set filter in 2 permit tcp src eq 21 estab
set filter out 2 permit tcp dst eq 21
set filter in 3 permit tcp src eq 20 dst gt 1023
set filter out 3 permit tcp dst eq 20
set filter in 4 permit udp src eq 53
set filter out 4 permit udp dst eq 53
set filter in 5 permit 192.244.191.0/24 0/0
set filter out 5 permit 0/0 192.244.191.0/24
set filter in 6 permit icmp
set filter out 6 permit icmp
set filter in 7 permit udp dst gt 33433
set filter out 7 permit udp dst gt 33433
# Server side PPP