Add support for PPTP client and server on the Firewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@295 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
parent
912681428b
commit
c1d99fe769
@ -1175,7 +1175,23 @@ setup_tunnels() # $1 = name of tunnels file
|
|||||||
addrule $inchain -p $3 -s $2 -j ACCEPT
|
addrule $inchain -p $3 -s $2 -j ACCEPT
|
||||||
addrule $outchain -p $3 -d $2 -j ACCEPT
|
addrule $outchain -p $3 -d $2 -j ACCEPT
|
||||||
|
|
||||||
echo " $1 tunnel to $gateway defined."
|
echo " $1 tunnel to $2 defined."
|
||||||
|
}
|
||||||
|
|
||||||
|
setup_pptp_client() # $1 = gateway
|
||||||
|
{
|
||||||
|
addrule $outchain -p 47 -d $1 -j ACCEPT
|
||||||
|
addrule $outchain -p tcp --dport 1723 -d $1 -j ACCEPT
|
||||||
|
|
||||||
|
echo " PPTP tunnel to $1 defined."
|
||||||
|
}
|
||||||
|
|
||||||
|
setup_pptp_server()
|
||||||
|
{
|
||||||
|
addrule $inchain -p 47 -j ACCEPT
|
||||||
|
addrule $inchain -p tcp --dport 1723 -j ACCEPT
|
||||||
|
|
||||||
|
echo " PPTP server defined."
|
||||||
}
|
}
|
||||||
|
|
||||||
strip_file tunnels $1
|
strip_file tunnels $1
|
||||||
@ -1199,6 +1215,12 @@ setup_tunnels() # $1 = name of tunnels file
|
|||||||
gre|GRE)
|
gre|GRE)
|
||||||
setup_one_other GRE $gateway 47
|
setup_one_other GRE $gateway 47
|
||||||
;;
|
;;
|
||||||
|
pptpclient|PPTPCLIENT)
|
||||||
|
setup_pptp_client $gateway
|
||||||
|
;;
|
||||||
|
pptpserver|PPTPSERVER)
|
||||||
|
setup_pptp_server
|
||||||
|
;;
|
||||||
*)
|
*)
|
||||||
error_message "Tunnels of type $kind are not supported:" \
|
error_message "Tunnels of type $kind are not supported:" \
|
||||||
"Tunnel \"$tunnel\" Ignored"
|
"Tunnel \"$tunnel\" Ignored"
|
||||||
|
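Review bot: setup_pptp_server accepts protocol 47 and tcp/1723 on $inchain from every source in the zone, and the pptpserver case branch does not pass the GATEWAY column, so an administrator cannot limit which peers reach the PPTP listener; setup_pptp_client, by contrast, scopes both of its rules with `-d $1`. Consider calling `setup_pptp_server $gateway` and writing the rules as `addrule $inchain -p 47 ${1:+-s $1} -j ACCEPT` and `addrule $inchain -p tcp --dport 1723 ${1:+-s $1} -j ACCEPT`, so that an empty column keeps the current behaviour and a populated one narrows the exposure. In setup_pptp_client an empty gateway would leave `-d` without an argument, so a non-empty check on $1 that reports through error_message before the first addrule would be worth adding. setup_tunnels starts and ends outside these hunks, so how $gateway is parsed and validated is not visible here and should be confirmed.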
@ -10,7 +10,7 @@
|
|||||||
# The columns are:
|
# The columns are:
|
||||||
#
|
#
|
||||||
# TYPE -- must start in column 1 and be "ipsec", "ipsecnat","ip"
|
# TYPE -- must start in column 1 and be "ipsec", "ipsecnat","ip"
|
||||||
# or "gre"
|
# "gre","pptpclient" or "pptpserver"
|
||||||
#
|
#
|
||||||
# ZONE -- The zone of the physical interface through which
|
# ZONE -- The zone of the physical interface through which
|
||||||
# tunnel traffic passes. This is normally your internet
|
# tunnel traffic passes. This is normally your internet
|
||||||
@ -58,5 +58,18 @@
|
|||||||
#
|
#
|
||||||
# ipsec net 0.0.0.0/0 vpn1,vpn2,vpn3
|
# ipsec net 0.0.0.0/0 vpn1,vpn2,vpn3
|
||||||
#
|
#
|
||||||
|
# Example 5:
|
||||||
|
#
|
||||||
|
# You run the Linux PPTP client on your firewall and
|
||||||
|
# connect to server 192.0.2.221.
|
||||||
|
#
|
||||||
|
# pptpclient net 192.0.2.221
|
||||||
|
#
|
||||||
|
# Example 6:
|
||||||
|
#
|
||||||
|
# You run a PPTP server on your firewall.
|
||||||
|
#
|
||||||
|
# pptpserver net
|
||||||
|
#
|
||||||
# TYPE ZONE GATEWAY GATEWAY ZONE
|
# TYPE ZONE GATEWAY GATEWAY ZONE
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|