First a little about the setup on my Linux box:
- eth0: LAN interface (10.0.0.2/24)
- eth1: wireless interface (10.0.1.1/24)
- ppp0: interface that's brought up by PPTPd (192.168.0.0/24)
And my LAN:
- Linux box (Athlon 1400, 512MB RAM, Debian stable (2.4.20))
- Smoothwall box (K6/3 500, 128MB RAM, 2 interfaces; cable and LAN, Smoothwall GPL 1.0)
Now my problem: I don't know enough about iptables at the moment to achieve what I want to do, and really need some help from you wonderful people.
What I want to do on the Linux box, is to run a firewall to block all packets coming in from the wireless interface
except for PPTPd related ports (47 and 1723), web and FTP and possibly some forwarded ports. I am also sharing my internet connection at the moment over wireless and am using PPTPd\VPN to secure it a little bit (only 128bit encryption though) and want to masquerade the PPTPd\ppp related traffic (192.168.0.0/24) over the LAN interface (10.0.0.2/24) because my Smoothwall box only accepts\forwards connections from my LAN IP range. Is this possible? Is it also possible to set up some rules if the interface doesn't exist when the firewall is brought up (i.e. ppp won't exist until a VPN connection is started)?
In the past, when I have just had two interfaces to worry about, I have just used pre-made iptables scripts like
monmotha's firewall scripts, which have worked very well.
Thanks for your help!
edit: can I just use one of monmotha's scripts and modify it maybe?
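An added example (not the poster's own setup and not one of monmotha's scripts) of a minimal iptables script for the layout described above: wireless clients on eth1 may only reach PPTP, web and FTP, and only traffic arriving inside a ppp tunnel is forwarded and masqueraded out eth0. It assumes the interface names and ranges given in the post, matches GRE as IP protocol 47 (GRE is a protocol, not a TCP port, which is what "port 47" refers to), and relies on the fact that iptables does not check whether an interface exists, so rules written against `ppp+` load fine before any VPN session is up; set `IPT=echo` to preview the rules without touching the kernel.

```shell
#!/bin/sh
# Added example for the layout in the post (assumed): eth0 = LAN 10.0.0.2/24,
# eth1 = wireless 10.0.1.1/24, ppp0/ppp1/... = PPTP tunnels using 192.168.0.0/24.
# Set IPT=echo to print the rules instead of loading them (dry run).
IPT="${IPT:-iptables}"
LAN_IF=eth0
WLAN_IF=eth1
VPN_IF="ppp+"            # wildcard: matches any ppp interface, even ones not created yet
VPN_NET=192.168.0.0/24

# Load the conntrack FTP helper (2.4 kernel module name) so passive FTP data
# connections count as RELATED, and turn on routing between interfaces.
prepare_kernel() {
    modprobe ip_conntrack_ftp 2>/dev/null || true
    echo 1 > /proc/sys/net/ipv4/ip_forward
}

apply_rules() {
    $IPT -F
    $IPT -t nat -F
    $IPT -P INPUT DROP        # default: anything not listed below is dropped
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT

    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT -i "$LAN_IF" -j ACCEPT       # wired LAN side is trusted
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Wireless side: only PPTP control (TCP 1723), the GRE tunnel (IP protocol 47),
    # web and FTP control may come in; anything else from eth1 hits the DROP policy.
    $IPT -A INPUT -i "$WLAN_IF" -p tcp --dport 1723 -j ACCEPT
    $IPT -A INPUT -i "$WLAN_IF" -p 47 -j ACCEPT
    $IPT -A INPUT -i "$WLAN_IF" -p tcp --dport 80 -j ACCEPT
    $IPT -A INPUT -i "$WLAN_IF" -p tcp --dport 21 -j ACCEPT

    # Only traffic that arrives inside the VPN is forwarded towards the LAN, and it is
    # masqueraded as eth0's address so the Smoothwall sees a 10.0.0.x source.
    $IPT -A FORWARD -i "$VPN_IF" -s "$VPN_NET" -o "$LAN_IF" -j ACCEPT
    $IPT -t nat -A POSTROUTING -s "$VPN_NET" -o "$LAN_IF" -j MASQUERADE
}

# Run as root with "apply" to load the rules; without it nothing is changed.
if [ "${1:-}" = "apply" ]; then
    prepare_kernel
    apply_rules
fi
```

Unencrypted wireless clients are never forwarded (FORWARD policy is DROP and no rule matches eth1 there), so only PPTP users get the shared connection.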