Configure iptables for PPTPD on CentOS 6

Rules in bold are essential.

#!/bin/bash

# Set defaults. Be careful with -F and -X they will reset your iptable rules.
# iptables -F
# iptables -X
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -A INPUT -j DROP
iptables -A INPUT -i lo -j ACCEPT

# Accept established sessions
iptables -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT

# Allow Pings.
# iptables -A INPUT -p icmp -j ACCEPT

# Allow SSH
# iptables -A INPUT -p tcp –dport 22 -j ACCEPT

# Allow PPTP Control connection
iptables -A INPUT -p tcp –dport 1723 -j ACCEPT

# Allow GRE
iptables -A INPUT -p gre -j ACCEPT

# NAT for PPTP clients connectivity
iptables -t nat -A POSTROUTING -j SNAT –to-source 192.168.0.1
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE

Leave a Reply

Your email address will not be published. Required fields are marked *