Brian Marshall <brian351...@yahoo.com> wrote: > I'm trying to learn if shorewall can drop/reject PPP LCP traffic. > > I have a Bering/LEAF setup running shorewall and also pppoe for shared DSL > connection. 'loc' is eth1, 'net' is ppp0/eth0
> One of the machines in 'loc' zone has an unknown application running that > manages to send LCP TERMREQ commands that shutdown the pppoe link, which > obviously affects all users. Presumably there's no problem blocking all PPPoE traffic from the loc zone ? As I understand it, LCP is embedded in PPP packets - so simply blocking all PPP packets from the loc zone should do it. While looking for good information to supplement my rather vague and hazy memory, I found this which seems very good at explaining how it all fits together : http://www.tcpipguide.com/free/t_PointtoPointProtocolPPP.htm ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
