Re: [Shorewall-users] Shorewall Reject PPP LCP packets?

2016-09-21 Thread Simon Hobson
Brian Marshall wrote:

> No problem blocking PPPoE from the loc zone, I'm just not sure the protocol
> number(s) I would use to achieve that.

They aren't even IP packets, and as far as I can see should not be getting forwarded at all. As below, they are ether type 0x8863 or 0x8864 vs 0x0800 for

Re: [Shorewall-users] Shorewall Reject PPP LCP packets?

2016-09-21 Thread Brian Marshall
en reports "ppp closed by user request" in the ppp log. If you have any thoughts to offer I'm all ears... thanks again for your time

From: Simon Hobson
To: Shorewall Users
Sent: Tuesday, 20 September 2016, 20:09
Subject: Re: [Shorewall-users] Shorewall Rejec

Re: [Shorewall-users] Shorewall Reject PPP LCP packets?

2016-09-20 Thread Simon Hobson
I wrote:

> Presumably there's no problem blocking all PPPoE traffic from the loc zone?

And looking at https://tools.ietf.org/html/rfc2516 it says:

> The ETHER_TYPE is set to either 0x8863 (Discovery Stage) or 0x8864 (PPP
> Session Stage).

But how is the device spoofing the PPPoE LCP Terminat

Re: [Shorewall-users] Shorewall Reject PPP LCP packets?

2016-09-20 Thread Simon Hobson
Brian Marshall wrote:

> I'm trying to learn if shorewall can drop/reject PPP LCP traffic.
>
> I have a Bering/LEAF setup running shorewall and also pppoe for shared DSL
> connection. 'loc' is eth1, 'net' is ppp0/eth0
> One of the machines in 'loc' zone has an unknown application running that

[Shorewall-users] Shorewall Reject PPP LCP packets?

2016-09-20 Thread Brian Marshall
I'm trying to learn if shorewall can drop/reject PPP LCP traffic.

I have a Bering/LEAF setup running shorewall and also pppoe for shared DSL connection. 'loc' is eth1, 'net' is ppp0/eth0
One of the machines in 'loc' zone has an unknown application running that manages to send LCP TERMREQ commands