Welcome, guest! Login / Register - Why register?
Psst.. new poll here.
Psst.. new forums here.
Microsoft is blocking us again (TY IP Reputation!) so just use oauth login instead. :)

Paste

Pasted as Bash by Butek ( 15 years ago )
gate# cat /etc/pf.conf
# Macros
        ext_if = "rl0"
        int_if = "nfe0"

        extnet = "172.0.0.0/8"
        lannet = "192.168.1.0/24"
        ext_ip = "172.16.24.35/32"
        bsd = "192.168.1.1/32"
        private_nets="{ 127.0.0.0/8, 192.168.0.0/24, 0.0.0.0/8, 240.0.0.0/4}"

        set block-policy drop
        set state-policy floating
        set loginterface $ext_if
        set limit { frags 100000, states 100000 }
        set optimization normal
        set skip on lo0
        scrub in all
# NAT
        nat on $ext_if inet from $lannet to any -> $ext_ip
# Rules
        antispoof quick for {lo0, $int_if, $ext_if }
        block log all
        block drop in quick on $ext_if from $private_nets to any
        pass inet proto icmp icmp-type echoreq

        pass in on $int_if proto tcp from any to any port >0
        pass proto udp to any port domain keep state

        pass quick on $ext_if inet proto tcp from $extnet to $ext_if port ssh
        pass quick on $ext_if inet proto tcp from $ext_if port ssh to $extnet
        pass quick on $ext_if inet proto tcp from

        pass out on $ext_if proto tcp from any to any
        pass out on $ext_if proto udp from any to any keep state
        pass out on $int_if proto tcp from any to any
        pass out on $int_if proto udp from any to any keep state



gate# cat /usr/local/etc/mpd5/mpd.conf
startup:
        set user Butek nUmlA22j admin
        set user Inna 001cf00c

        set console self 127.0.0.1 5005
        set console open

        set web self 0.0.0.0 5006
        set web open
default:
        load pptp_server

pptp_server:
        set ippool add pool1 192.168.1.50 192.168.1.100
        create bundle template B
        set iface idle 1800
        set iface enable tcpmssfix
        set ipcp ranges 192.168.1.1/32 ippool pool1
        set ipcp dns 172.16.128.20

        # MS Point-to-Point Shifrovanie
        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stateless

        create link template L pptp
        set link action bundle B
        set link disable multilink
        set link yes acfcomp protocomp

        # CHAP
        set link no pap chap eap
        set link enable chap
        set link mtu 1400
        set pptp self 172.16.24.35
        set link enable incoming

 

Revise this Paste

Children: 78929
Your Name: Code Language: