Psst.. new poll here.
Psst.. new forums here.
Microsoft is blocking us again (TY IP Reputation!) so just use oauth login instead. :)
Paste
Pasted as Bash by Butek ( 15 years ago )
gate# cat /etc/pf.conf
# Macros
ext_if = "rl0"
int_if = "nfe0"
extnet = "172.0.0.0/8"
lannet = "192.168.1.0/24"
ext_ip = "172.16.24.35/32"
bsd = "192.168.1.1/32"
private_nets="{ 127.0.0.0/8, 192.168.0.0/24, 0.0.0.0/8, 240.0.0.0/4}"
set block-policy drop
set state-policy floating
set loginterface $ext_if
set limit { frags 100000, states 100000 }
set optimization normal
set skip on lo0
scrub in all
# NAT
nat on $ext_if inet from $lannet to any -> $ext_ip
# Rules
antispoof quick for {lo0, $int_if, $ext_if }
block log all
block drop in quick on $ext_if from $private_nets to any
pass inet proto icmp icmp-type echoreq
pass in on $int_if proto tcp from any to any port >0
pass proto udp to any port domain keep state
pass quick on $ext_if inet proto tcp from $extnet to $ext_if port ssh
pass quick on $ext_if inet proto tcp from $ext_if port ssh to $extnet
pass quick on $ext_if inet proto tcp from
pass out on $ext_if proto tcp from any to any
pass out on $ext_if proto udp from any to any keep state
pass out on $int_if proto tcp from any to any
pass out on $int_if proto udp from any to any keep state
gate# cat /usr/local/etc/mpd5/mpd.conf
startup:
set user Butek nUmlA22j admin
set user Inna 001cf00c
set console self 127.0.0.1 5005
set console open
set web self 0.0.0.0 5006
set web open
default:
load pptp_server
pptp_server:
set ippool add pool1 192.168.1.50 192.168.1.100
create bundle template B
set iface idle 1800
set iface enable tcpmssfix
set ipcp ranges 192.168.1.1/32 ippool pool1
set ipcp dns 172.16.128.20
# MS Point-to-Point Shifrovanie
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless
create link template L pptp
set link action bundle B
set link disable multilink
set link yes acfcomp protocomp
# CHAP
set link no pap chap eap
set link enable chap
set link mtu 1400
set pptp self 172.16.24.35
set link enable incoming
Revise this Paste
Children: 78929