Hi, my firewall is a duron 800 with sarge and 2.6.11 ... my dsl connection does work only after I did run pppoeconfig. If I reboot (without changes to pppoe settings) it doesn't work anymore. ppp starts and quits, no other message logged. Is this the same problem as yours?
But I think your problem may be another one... As on the Interface (eth0 in your case) the firewall policy is already set when you start dialing, i think the pppoe traffic gets dropped. If your policy sets the filters for eth0 (in case you use ethernet), you have to disable these policies before dialing out and set the policy again after connection is established... firestarter has to set the default action for the interface to deny or reject and let ports through that you have allowed. I think the pppoe protocol is not tcp/ip and can not be filtered corretly by iptables. So the packages get dropped because of the default action. do you have anything in your log when you start dialing? anything useful to build an rule? If you do not use ethernet in a local area network you should set the firewall policy on ppp0 instead of the ethernet interface. For pppoe to work the eth0 interface shouldn't be configured and have an default policy action like drop or reject, AFAIK... If firestarter doesn't give you enough options to configure the iptables rules maybe fwbuilder (http://www.fwbuilder.org) is something for you. Regards. mfl Am Freitag, den 22.04.2005, 08:33 +1000 schrieb Cedric Pradalier: > Hi all, > > is there anybody out there using a kernel >= 2.6.10, with a pppoe connection > to internet > and a firewall with iptables, defined by hand or with firestarter ? (my > machine is an > ibook2.2, but I don't think this is relevant here). > > I'd really like to know if I'm the only one having problem with this > configuration. If > this is a kernel bug, or my configuration's bug? Especially, if someone has > this > kind of setup working, I'd like to compare our configs. > > On my machine, I'm stuck with 2.6.8 since any newer kernel (custom build or > debian), with > the firewall on, will fail to let TCP packet enter my machine. > > Thanks for your help. > -- > Cedric > > -- Michael Flaig <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
