# How to disable incoming ppp connections?



## YuryG (Dec 18, 2018)

I use PPPoE from my ISP via standard `ppp` client. From time to time I see lines in its log:

```
Dec 18 16:48:39 94 ppp[44872]: tun0: Phase: Connected to client from 5.34.97.13:62943
Dec 18 16:48:39 94 ppp[44872]: tun0: Command: 5.34.97.13:62943: GET http://www.google.com/ HTTP/1.0
Dec 18 16:48:55 94 ppp[44872]: tun0: Phase: 5.34.97.13:62943: Client connection closed.
```
I have a password for `pppctl`, but still I do not like incoming connections from outthere. (5.34.97.13 is neither my nor ISP IP)
So, how can I disable any non-local connections to `ppp`?


----------



## SirDice (Dec 18, 2018)

Why is it accepting incoming connections in the first place? PPPoE connections to your ISP are _outgoing_ only.


----------



## YuryG (Dec 18, 2018)

SirDice said:


> Why is it accepting incoming connections in the first place? PPPoE connections to your ISP are _outgoing_ only.


Yes, that's my question. How and why it has that possibility. And how to disable it?


----------



## ShelLuser (Dec 18, 2018)

Surely you have a firewall on this box? That would take care of unwanted incoming connections.

Anyway, how did you set up ppp anyway? That might give us a better clue as to what is going on here.


----------



## YuryG (Dec 19, 2018)

```
default:
    set log Phase Chat LQM IPCP CCP tun command
    set ifaddr 10.0.0.1/0 10.0.0.2/0 0.0.0.0 0.0.0.0

eltel:
    set device PPPoE:em0
    set authname ********
    set authkey ********
    set dial
    set speed sync
    set cd 15
    set reconnect 60 10000
    set redial 60 10000
    set server +3001 *******
    resolv writable
    add default HISADDR
    nat enable yes
    nat same_ports yes
    nat use_sockets yes
    set login
```
Suppose, the problem is near "server" option, is't it?


----------



## YuryG (Dec 27, 2018)

ShelLuser said:


> Surely you have a firewall on this box? That would take care of unwanted incoming connections.
> 
> Anyway, how did you set up ppp anyway? That might give us a better clue as to what is going on here.


And what Firewall rules do you recommend? I have small httpd and ftp server (for personal use, mostly) and some torrent connections.


----------



## SirDice (Dec 27, 2018)

YuryG said:


> And what Firewall rules do you recommend?


That's fairly simple, block everything except the incoming connections you actually use.


----------

