Hello all -
Looking for some input on how to allow PPTP / GRE connections. Allowing TCP port 1723 in the config is easy to do - but PPTP also requires a GRE packet type. How can this ben allowed?
Allow PPTP / GRE
Re: Allow PPTP / GRE
Resurrecting this question to see if anyone can provide assistance.
In essence, is there a file within the CSF config that allows me to specifically put in additional IPTABLES rules? If so, I could open up the GRE protocol myself by using an IPTABLES rule.
Thank you
In essence, is there a file within the CSF config that allows me to specifically put in additional IPTABLES rules? If so, I could open up the GRE protocol myself by using an IPTABLES rule.
Thank you
Re: Allow PPTP / GRE
Hi,
Something like this should help:
You also need to enable ipv4 packet forward with sysctl.
Hope it helps.
Something like this should help:
Code: Select all
[root@server csf]# cat csfpost.sh
#!/bin/bash
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -i ppp+ -j ACCEPT
[root@server csf]#
Hope it helps.