298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-04-19 14:13:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix too much ppp policies in forwarding_rule chain

Browse Source 
Every time restart firewall, pptpd.include will be executed. Thus two ppp policy will be added to forwarding_rule chain.
Modified to delete old policies before add new ones.
P.S. according to https://wiki.openwrt.org/doc/howto/vpn.server.pptpd , ppp+ policies will also allow data from other ppp interfaces, including pppoe. Thus if you are using ppp (PPPoE or similar) in wan(that's what in my case), this configuration is insecure. However someone made it like this: https://datahunter.org/openwrt_pptp
This commit is contained in:
dongjuanyong 2018-09-15 20:18:26 +08:00 committed by GitHub
parent 72e44c814a
commit 1adbd1f0c8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
package/lean/luci-app-pptp-server/root/etc/pptpd.include
View File

@ -1,3 +1,6 @@
iptables -D forwarding_rule -i ppp+ -j ACCEPT
iptables -D forwarding_rule -o ppp+ -j ACCEPT
iptables -A forwarding_rule -i ppp+ -j ACCEPT
iptables -A forwarding_rule -o ppp+ -j ACCEPT
echo 1 > /proc/sys/net/ipv4/conf/br-lan/proxy_arp