Alright folks. I've been gathering some information about the way the connection is handled, and here's how it is.
Packets going through ppp0 are just regular packets. But the point is, they're not going directly through ppp - assuming you are sending a packet, it goes through ppp0, gets packed and sent through a GRE tunnel which goes through eth0 to the PPTP server, which unpacks it and sends it on its way. The same thing in reverse happens when a packet is received.

So Dan's solution is the best: allow only connections to the tunnel server on eth0, and filter everything regularly on ppp0.

I reckon that if the cable companies (Now Hot, or some other nonsense) and the ISPs in Israel were one entity, the situation would be much easier for us. Straight DHCP, no need for PPTP. Oh well. Back to configuring my firewall.

Thanks again, to everyone who helped on the subject.

--
Regards,
Itamar Ravid.
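The rule layout described in the message above, sketched as an iptables-restore ruleset. This is an added example, not part of the original post; the server address 192.0.2.1, the default-drop policy for a client with no inbound services, and an eth0 that does not depend on DHCP renewals (which would also need UDP 67/68) are assumptions.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a PPTP client.
# Assumptions (not from the original message): interface names eth0/ppp0 as
# in the thread, a workstation with no inbound services, and a constructed
# server address passed as $1.

pptp_ruleset() {
    server="$1"
    # Reject empty input or anything containing characters other than digits
    # and dots, so nothing unexpected lands in the rule text.
    case "$server" in
        ''|*[!0-9.]*) echo "usage: pptp_ruleset <server-ipv4>" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# eth0: only the tunnel itself, and only to and from the PPTP server.
# Control channel is TCP 1723; the tunnelled data is GRE (IP protocol 47).
-A OUTPUT -o eth0 -d $server -p tcp --dport 1723 -j ACCEPT
-A INPUT -i eth0 -s $server -p tcp --sport 1723 -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -d $server -p 47 -j ACCEPT
-A INPUT -i eth0 -s $server -p 47 -j ACCEPT
# ppp0: the regular stateful policy for the real traffic.
-A OUTPUT -o ppp0 -j ACCEPT
-A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Constructed address from the documentation range (RFC 5737).
# This only prints; to load: pptp_ruleset 192.0.2.1 | iptables-restore
pptp_ruleset 192.0.2.1
```

With this layout, anything arriving on eth0 that is not tunnel traffic from the PPTP server is dropped before it reaches a service, and the usual filtering decisions are made only on ppp0.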
