Add reverse GRE rules for PPTP server and clients

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@337 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-24 18:40:51 +00:00 · 2002-11-24 18:40:51 +00:00 · 9a8d39bdd5
commit 9a8d39bdd5
parent b420f4dd36
2 changed files with 8 additions and 4 deletions
--- a/STABLE/firewall
+++ b/STABLE/firewall
@ -1211,6 +1211,7 @@ setup_tunnels() # $1 = name of tunnels file
    setup_pptp_client() # $1 = gateway
    {
 	addrule $outchain -p 47               -d $1 -j ACCEPT
+	addrule $inchain  -p 47               -s $1 -j ACCEPT
 	addrule $outchain -p tcp --dport 1723 -d $1 -j ACCEPT

 	echo "   PPTP tunnel to $1 defined."
@ -1218,8 +1219,9 @@ setup_tunnels() # $1 = name of tunnels file

    setup_pptp_server()
    {
-	addrule $inchain -p 47               -j ACCEPT
-	addrule $inchain -p tcp --dport 1723 -j ACCEPT
+	addrule $inchain  -p 47               -j ACCEPT
+	addrule $outchain -p 47               -j ACCEPT
+	addrule $inchain  -p tcp --dport 1723 -j ACCEPT

 	echo "   PPTP server defined."
    }
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@ -1236,6 +1236,7 @@ setup_tunnels() # $1 = name of tunnels file
    setup_pptp_client() # $1 = gateway
    {
 	addrule $outchain -p 47               -d $1 -j ACCEPT
+	addrule $inchain  -p 47               -j ACCEPT
 	addrule $outchain -p tcp --dport 1723 -d $1 -j ACCEPT

 	echo "   PPTP tunnel to $1 defined."
@ -1243,8 +1244,9 @@ setup_tunnels() # $1 = name of tunnels file

    setup_pptp_server()
    {
-	addrule $inchain -p 47               -j ACCEPT
-	addrule $inchain -p tcp --dport 1723 -j ACCEPT
+	addrule $inchain  -p 47               -j ACCEPT
+	addrule $outchain -p 47               -j ACCEPT
+	addrule $inchain  -p tcp --dport 1723 -j ACCEPT

 	echo "   PPTP server defined."
    }