peasthope@shaw.ca wrote:
> Folk,
>
> For several years a dial-in connection has worked
> via mgetty and PPP on a machine which lacks Shorewall.
> Now I am configuring this connection on
> another machine where Shorewall is working.
>
> A ppp zone should be defined for the system which
> dials in. Correct?
See below.
>
> In the old system, there was no ppp0 in
> /etc/network/interfaces. Will such an entry be
> required on the Shorewalled system?
No.
>
> If the previous answer is no, how should the ppp
> interface be cited in /etc/shorewall/masq ?
Whether an interface is or isn't mentioned in /etc/network/interfaces
has absolutely nothing to do with what goes in /etc/shorewall/masq.
We can't tell you what to put in /etc/shorewall/masq unless we know:
a) What connectivity you want dial-in clients to have; if they need
internet access; then
b) We need to know if the IP address that you assign to the PPP
interface is in your local network's range that is already being masqed
via another entry. If it is, then you need to do nothing. Otherwise, you
need to masq the ppp range out through your 'net' interface.
>
> /usr/share/shorewall/macro.PPP does not exist on
> the shorewalled system. Any tips on creating one
> or otherwise setting a rule?
ppp0 is just an interface. You either assign it its own zone or you
just make it part of your local zone. If you make it part of your local
zone, just add:

    loc ppp+

to /etc/shorewall/interfaces and you're all set.
This is all very much like setting up a PPTP server only simpler because
you don't need to worry about anything in the tunnels file.
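
The two layouts described in the reply above, written out as an added example that is not part of the original message. The interface name eth0, both address ranges, the zone name ppp and the policy line are assumptions chosen for illustration.

```conf
# Constructed example. Assumed values, none taken from the thread:
#   eth0             Internet-facing interface, already in zone 'net'
#   192.168.1.0/24   existing LAN range
#   192.168.99.0/24  addresses pppd hands to dial-in peers

# ---- Case 1: dial-in clients become part of the local zone ----

# /etc/shorewall/interfaces
#ZONE   INTERFACE   BROADCAST
loc     ppp+        -

# /etc/shorewall/masq
# If the peers get addresses inside 192.168.1.0/24, the existing entry
# already covers them and nothing changes. The second entry is needed
# only when they use a separate range and need Internet access.
#INTERFACE   SOURCE
eth0         192.168.1.0/24
eth0         192.168.99.0/24

# ---- Case 2: dial-in clients get their own zone ----

# /etc/shorewall/zones
#ZONE   TYPE
ppp     ipv4

# /etc/shorewall/interfaces
#ZONE   INTERFACE   BROADCAST
ppp     ppp+        -

# /etc/shorewall/policy
# Assumes dial-in clients may reach the Internet. Place this above any
# catch-all policy. Traffic from ppp to loc or to the firewall itself
# then falls through to that catch-all unless a policy or rule allows it.
#SOURCE   DEST   POLICY
ppp       net    ACCEPT

# /etc/shorewall/masq
#INTERFACE   SOURCE
eth0         192.168.99.0/24
```

Running "shorewall check" after editing validates the files before the new rules are applied.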