-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Shane Machon said: > > I suspect my only way around this is to change the interface name of the > pppoe link from ppp0 to something else like extif, then i can build > rules specific to that interface knowing that will always be the > external connection. > > Anyone know how if there is a switch in pppoe to set a specific > interface name? Is there another solution (and no, i cant run IPSEC, as > much as i'd like to :P).
When giving out an ip address range for pptp connections, you could specify a separate subnet and create rules for that. $FW -A FORWARD -i ppp+ -s $PPTP_NET -j ACCEPT/REJECT/WHATEVER and for your pppoe connection use ! $PPTP_NET ... $FW -A FORWARD -i ppp+ -s ! $PPTP_NET -j ACCEPT/REJECT/WHATEVER - -- /phil -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (MingW32) iD8DBQFChIa9Gbd/rBLcaFwRAvoEAJ9KNGHP06QLAKoKrEPv7J+Rw7rOPgCfTue4 twnmLr44VI0OOCRcGu1hdtc= =B0rL -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
