pptp的包过滤规则

论坛 期权论坛 编程之家     
选择匿名的用户   2021-6-2 17:58   1335   0

14.11.3. Packet Filtering Characteristics of PPTP

PPTP negotiation takes place on TCP port 1723. The actual tunnel is based on GRE, which is IP protocol 47, and uses GRE protocol hexadecimal 880B (indicating that the tunneled packets are PPP). GRE is discussed further in Chapter 4, "Packets and Protocols ".

Direction

Source Addr.

Dest. Addr.

Protocol

Source Port

Dest. Port

ACK Set

Notes

In

Ext

Int

GRE

[37]

[37][38]

Tunnel data, external client to internal server

Out

Int

Ext

GRE

[37][37][38]Tunnel reply, internal server to external client

In

Ext

Int

TCP

>1023

1723

[39]

Setup request, external client to internal server

Out

Int

Ext

TCP

1723

>1023

Yes

Setup response, internal server to external client

Out

Int

Ext

GRE

[37][37][38]Tunnel data, internal client to external server

In

Ext

Int

GRE

[37][37][38]Tunnel reply, external server to internal client

Out

Int

Ext

TCP

>1023

1723

[39]

Setup request, internal client to external server

In

Ext

Int

TCP

1723

>1023

Yes

Setup response, external server to internal client

[37]GRE does not have ports. GRE does have protocol types, and PPTP is protocol type hexadecimal 880B.

[38]GRE has no ACK equivalent.

[39]ACK will not be set on the first packet (establishing connection) but will be set on the rest.

参考:http://www.unix.org.ua/orelly/networking_2ndEd/fire/ch14_11.htm

分享到 :
0 人收藏
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

积分:3875789
帖子:775174
精华:0
期权论坛 期权论坛
发布
内容

下载期权论坛手机APP