Differences between version 3 and predecessor to the previous major change of PPTPConnectionTracking.
Newer page: | version 3 | Last edited on Monday, October 31, 2005 9:32:21 am | by CraigBox |
Older page: | version 2 | Last edited on Tuesday, June 14, 2005 9:44:58 pm | by CraigBox |
@@ -4,9 +4,15 @@
!!Problem:
Netfilter doesn't know about the connection between a PPTP connection on TCP, and the portless GRE protocol. When you create a PPTP connection, a NAT table entry with a default 10 minute timeout is added. When you disconnect the PPTP, this connection is still running and has to time out before you can connect again.
!!Solution
-Install
PPTP Connection Tracking
, an extra
kernel patch provided by the Netfilter developers.
+Get a kernel that supports
PPTP connection tracking.
+
+You have two options:
+
+* install 2.6.14 or higher
, as it was [merged into the mainline|http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=926b50f92a30090da2c1a8675de954c2d9b09732] at this point
+** __Note:__ I am not yet sure if the conntracking as in 2.6.14 requires changes to iptables as below. Please test this (and update this page!) before you do anything else based on this instruction.
+* patch
an older
kernel with a
patch provided by the Netfilter developers.
!Build and install a new kernel
Grab a snapshot from http://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/ and untar it into a directory.
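Review bot: The two options added under "!!Solution" run straight into the unchanged "!Build and install a new kernel" section, which opens with the patch-o-matic-ng snapshot and so applies only to the second option (patching an older kernel); a reader who chooses 2.6.14 or higher is not told which of the later steps to skip. Suggest scoping that heading to the patch option, or adding a line under the first bullet that says where 2.6.14 users resume. The nested note that the iptables changes "as below" are untested on 2.6.14 leaves an open question inside an instruction; it would be clearer to mark the 2.6.14 path as unverified in the bullet itself until someone confirms it. The snapshot URL in the trailing context line is plain http with no mention of how to check the download, which matters for something that gets compiled into a kernel; worth a sentence if the page is revised again. Minor: "!!Solution" lacks the colon that "!!Problem:" has.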