How to disable incoming ppp connections?

YuryG

Well-Known Member

Thanks: 13
Messages: 334

#1
I use PPPoE from my ISP via standard ppp client. From time to time I see lines in its log:
Code:
Dec 18 16:48:39 94 ppp[44872]: tun0: Phase: Connected to client from 5.34.97.13:62943
Dec 18 16:48:39 94 ppp[44872]: tun0: Command: 5.34.97.13:62943: GET http://www.google.com/ HTTP/1.0
Dec 18 16:48:55 94 ppp[44872]: tun0: Phase: 5.34.97.13:62943: Client connection closed.
I have a password for pppctl, but still I do not like incoming connections from outthere. (5.34.97.13 is neither my nor ISP IP)
So, how can I disable any non-local connections to ppp?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 6,776
Messages: 28,526

#2
Why is it accepting incoming connections in the first place? PPPoE connections to your ISP are outgoing only.
 

ShelLuser

Son of Beastie

Thanks: 1,648
Messages: 3,502

#4
Surely you have a firewall on this box? That would take care of unwanted incoming connections.

Anyway, how did you set up ppp anyway? That might give us a better clue as to what is going on here.
 
OP
OP
Y

YuryG

Well-Known Member

Thanks: 13
Messages: 334

#5
Code:
default:
    set log Phase Chat LQM IPCP CCP tun command
    set ifaddr 10.0.0.1/0 10.0.0.2/0 0.0.0.0 0.0.0.0

eltel:
    set device PPPoE:em0
    set authname ********
    set authkey ********
    set dial
    set speed sync
    set cd 15
    set reconnect 60 10000
    set redial 60 10000
    set server +3001 *******
    resolv writable
    add default HISADDR
    nat enable yes
    nat same_ports yes
    nat use_sockets yes
    set login
Suppose, the problem is near "server" option, is't it?
 
OP
OP
Y

YuryG

Well-Known Member

Thanks: 13
Messages: 334

#6
Surely you have a firewall on this box? That would take care of unwanted incoming connections.

Anyway, how did you set up ppp anyway? That might give us a better clue as to what is going on here.
And what Firewall rules do you recommend? I have small httpd and ftp server (for personal use, mostly) and some torrent connections.
 
Top