Add support for PPTP client and server on the Firewall

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@295 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-10-14 22:26:28 +00:00
parent 912681428b
commit c1d99fe769
2 changed files with 39 additions and 4 deletions

View File

@ -1175,7 +1175,23 @@ setup_tunnels() # $1 = name of tunnels file
addrule $inchain -p $3 -s $2 -j ACCEPT addrule $inchain -p $3 -s $2 -j ACCEPT
addrule $outchain -p $3 -d $2 -j ACCEPT addrule $outchain -p $3 -d $2 -j ACCEPT
echo " $1 tunnel to $gateway defined." echo " $1 tunnel to $2 defined."
}
setup_pptp_client() # $1 = gateway
{
addrule $outchain -p 47 -d $1 -j ACCEPT
addrule $outchain -p tcp --dport 1723 -d $1 -j ACCEPT
echo " PPTP tunnel to $1 defined."
}
setup_pptp_server()
{
addrule $inchain -p 47 -j ACCEPT
addrule $inchain -p tcp --dport 1723 -j ACCEPT
echo " PPTP server defined."
} }
strip_file tunnels $1 strip_file tunnels $1
@ -1199,6 +1215,12 @@ setup_tunnels() # $1 = name of tunnels file
gre|GRE) gre|GRE)
setup_one_other GRE $gateway 47 setup_one_other GRE $gateway 47
;; ;;
pptpclient|PPTPCLIENT)
setup_pptp_client $gateway
;;
pptpserver|PPTPSERVER)
setup_pptp_server
;;
*) *)
error_message "Tunnels of type $kind are not supported:" \ error_message "Tunnels of type $kind are not supported:" \
"Tunnel \"$tunnel\" Ignored" "Tunnel \"$tunnel\" Ignored"

View File

@ -10,7 +10,7 @@
# The columns are: # The columns are:
# #
# TYPE -- must start in column 1 and be "ipsec", "ipsecnat","ip" # TYPE -- must start in column 1 and be "ipsec", "ipsecnat","ip"
# or "gre" # "gre","pptpclient" or "pptpserver"
# #
# ZONE -- The zone of the physical interface through which # ZONE -- The zone of the physical interface through which
# tunnel traffic passes. This is normally your internet # tunnel traffic passes. This is normally your internet
@ -58,5 +58,18 @@
# #
# ipsec net 0.0.0.0/0 vpn1,vpn2,vpn3 # ipsec net 0.0.0.0/0 vpn1,vpn2,vpn3
# #
# Example 5:
#
# You run the Linux PPTP client on your firewall and
# connect to server 192.0.2.221.
#
# pptpclient net 192.0.2.221
#
# Example 6:
#
# You run a PPTP server on your firewall.
#
# pptpserver net
#
# TYPE ZONE GATEWAY GATEWAY ZONE # TYPE ZONE GATEWAY GATEWAY ZONE
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE