Reviewed by:

1 files changed, 49 insertions, 0 deletions

diff --git a/etc/ppp/ppp.conf.filter.sample b/etc/ppp/ppp.conf.filter.sample
new file mode 100644
index 0000000..1d90f15
--- /dev/null
+++ b/etc/ppp/ppp.conf.filter.sample
@@ -0,0 +1,49 @@
+#
+# $Id:$
+#
+# An example of packet filter definition.
+#
+#
+filterd:
+#
+# Don't dial with ICMP packet
+#
+ set dfilter 0 deny icmp
+ set dfilter 1 permit 0/0 0/0
+#
+# Allow ident packet pass through
+#
+ set ifilter 0 permit tcp dst eq 113
+ set ofilter 0 permit tcp src eq 113
+#
+# Allow telnet connection to the Internet
+#
+ set ifilter 1 permit tcp src eq 23 estab
+ set ofilter 1 permit tcp dst eq 23
+#
+# Allow ftp access to the Internet
+#
+ set ifilter 2 permit tcp src eq 21 estab
+ set ofilter 2 permit tcp dst eq 21
+ set ifilter 3 permit tcp src eq 20 dst gt 1023
+ set ofilter 3 permit tcp dst eq 20
+#
+# Allow access to DNS
+#
+ set ifilter 4 permit udp src eq 53
+ set ofilter 4 permit udp dst eq 53
+#
+# Allow access from/to my company network
+#
+ set ifilter 5 permit 192.244.191.0/24 0/0
+ set ofilter 5 permit 0/0 192.244.191.0/24
+#
+# Allow ping and traceroute response
+#
+ set ifilter 6 permit icmp
+ set ofilter 6 permit icmp
+ set ifilter 7 permit udp dst gt 33433
+ set ofilter 7 permit udp dst gt 33433
+#
+# If none of above rules matches, then packet is blockd.
+#