diff --git a/Shorewall-docs/PPTP.xml b/Shorewall-docs/PPTP.xml index ccc4802fc..e77fd236b 100644 --- a/Shorewall-docs/PPTP.xml +++ b/Shorewall-docs/PPTP.xml @@ -2,6 +2,8 @@
+ + PPTP @@ -30,8 +32,8 @@ document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover - Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". + Texts. A copy of the license is included in the section entitled + GNU Free Documentation License. @@ -81,15 +83,15 @@ http://www.poptop.org - The 'kernelmod' package can be used to quickly install - MPPE into your kernel without rebooting. + The kernelmod package can be used to quickly + install MPPE into your kernel without rebooting. I am leaving the instructions for building MPPE-enabled kernels and pppd in the text below for those who may wish to obtain the relevant - current patches and "roll their own". + current patches and roll their own.
@@ -164,8 +166,8 @@ patch -p1 < ../ppp-2.4.1-MSCHAPv2-fix.patch make You will need to install the resulting binary on your firewall - system. To do that, I NFS mount my source filesystem and use "make - install" from the ppp-2.4.1 directory. + system. To do that, I NFS mount my source filesystem and use + make install from the ppp-2.4.1 directory.
@@ -257,7 +259,7 @@ require-mppe-stateless System 192.168.1.3 acts as a WINS server so I have included - that IP as the 'ms-wins' value. + that IP as the ms-wins value. @@ -267,7 +269,8 @@ require-mppe-stateless I am requiring 128-bit stateless compression (my kernel is - built with the 'require-mppe.diff' patch mentioned above. + built with the require-mppe.diff patch mentioned + above. @@ -319,7 +322,7 @@ remoteip 192.168.1.33-38 I have assigned a remote IP range that overlaps my local - network. This, together with 'proxyarp' in my + network. This, together with proxyarp in my /etc/ppp/options.poptop file make the remote hosts look like they are part of the local subnetwork. @@ -1125,9 +1128,9 @@ loadmodule ip_nat_pptp I use the combination of interface and hosts file to define the - 'cpq' zone because I also run a PPTP server on my firewall (see - above). Using this technique allows me to distinguish clients of my own - PPTP server from arbitrary hosts at Compaq; I assign addresses in + cpq zone because I also run a PPTP server on my firewall + (see above). Using this technique allows me to distinguish clients of my + own PPTP server from arbitrary hosts at Compaq; I assign addresses in 192.168.1.0/24 to my PPTP clients and Compaq doesn't use that RFC1918 Class C subnet. @@ -1285,11 +1288,11 @@ restart_pptp > /dev/null 2>&1 & Modem Some ADSL systems in Europe (most notably in Austria) feature a PPTP - server built into an ADSL "Modem". In this setup, an ethernet + server built into an ADSL Modem. In this setup, an ethernet interface is dedicated to supporting the PPTP tunnel between the firewall - and the "Modem" while the actual internet access is through PPTP - (interface ppp0). If you have this type of setup, you need to modify the - sample configuration that you downloaded as described in this section. + and the Modem while the actual internet access is through + PPTP (interface ppp0). If you have this type of setup, you need to modify + the sample configuration that you downloaded as described in this section. These changes are in addition to those described in the QuickStart Guides. @@ -1341,8 +1344,8 @@ restart_pptp > /dev/null 2>&1 & - That entry defines a new zone called 'modem' which will - contain only your ADSL modem. + That entry defines a new zone called modem which + will contain only your ADSL modem. @@ -1378,9 +1381,10 @@ restart_pptp > /dev/null 2>&1 & - You will of course modify the 'net' entry in - /etc/shorewall/interfaces to specify 'ppp0' as the interface - as described in the QuickStart Guide corresponding to your setup. + You will of course modify the net entry in + /etc/shorewall/interfaces to specify ppp0 as the + interface as described in the QuickStart Guide corresponding to your + setup.