Re: Most useful pppd active-filter string for Linux
From: Andy Furniss (spam.bucket_at_surfanytime.co.uk)
Date: Sun, 24 Aug 2003 09:53:46 +0100
> If a (RH) linux pppd daemon is set up to "dial on demand" and hold the
> line open while legitimate/solicited packets are passed across it; given
> the number of unsolicited packets coming across a dialup link:
> P2P (KaZaA edonkey etc), Microsoft servers ports (137 etc), unsolicited
> pings (icmp=8), etc., etc.;
> What is the most useful string to put in the active-filter line of the
> /etc/ppp/options file so that the line only stays up for genuine
> connections (including FTP (non-passive) client sessions and
> outgoing pings)?
> NB This is a posting of a question about the packets keeping a
> linux PPP link up, it is NOT about firewalls (ipconfig/iptables).
I used to use just 'outbound' - but it won't work unless you have a
firewall to stop you sending port unreachables/rst.
I did use one for a while before I got the firewall together - it worked
for me, but is probably flawed, definitely inelegant & didn't get tested
for very long.
outbound and not ((tcp[13] & 4 != 0) or (icmp[0] = 3))
As for FTP - I don't know, I never had problems - a question of timeouts I
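
Added example, not part of the original post: a small Python model of the two filters discussed above, showing why plain 'outbound' still counts the host's own RST and ICMP destination-unreachable replies to unsolicited probes as link activity. The packets are constructed sample data, the helper names are hypothetical, and the checks use the byte offsets a pcap expression would name (tcp[13] & 4 for the RST flag, icmp[0] = 3 for destination unreachable).

```python
import struct

RST = 0x04  # RST bit in the TCP flags byte (offset 13 of the TCP header)

def ipv4(proto, payload, src="10.0.0.2", dst="192.0.2.9"):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    addr = lambda a: bytes(int(x) for x in a.split("."))
    hdr = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0)
    return hdr + addr(src) + addr(dst) + payload

def tcp(flags, sport=40000, dport=80):
    """20-byte TCP header; the flags byte lands at offset 13."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def icmp(icmp_type, code=0):
    """8-byte ICMP header; the type byte is at offset 0."""
    return struct.pack("!BBHI", icmp_type, code, 0, 0)

def keeps_link_up(packet, outbound, strict=True):
    """strict=False models plain 'outbound'; strict=True also excludes
    TCP RST and ICMP type 3, as the longer filter in the post does."""
    if not outbound:
        return False
    if not strict:
        return True
    ihl = (packet[0] & 0x0F) * 4              # IP header length in bytes
    proto, l4 = packet[9], packet[ihl:]
    if proto == 6 and len(l4) > 13 and l4[13] & RST:   # tcp[13] & 4 != 0
        return False
    if proto == 1 and len(l4) > 0 and l4[0] == 3:      # icmp[0] = 3
        return False
    return True

# name -> (packet, travels outbound?) ; all constructed for illustration
SAMPLES = {
    "syn_out":       (ipv4(6, tcp(0x02)), True),    # genuine outgoing connection
    "ping_out":      (ipv4(1, icmp(8)), True),      # outgoing echo request
    "rst_reply":     (ipv4(6, tcp(0x14)), True),    # RST+ACK answering a probe
    "unreach_reply": (ipv4(1, icmp(3, 3)), True),   # port unreachable answering a probe
    "probe_in":      (ipv4(6, tcp(0x02), "192.0.2.9", "10.0.0.2"), False),
}

def classify(strict):
    return {n: keeps_link_up(p, out, strict) for n, (p, out) in SAMPLES.items()}

if __name__ == "__main__":
    for name in SAMPLES:
        print(f"{name:14} outbound-only={classify(False)[name]!s:5} "
              f"with-exclusions={classify(True)[name]}")
```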