I try use filter for securing my VPN clients in PPP profile - not work.

I used Incoming filter, and in filter I used LOG rule.
I didn't see any log messages in log viewer.

Bridge option didn't work too.

It doesn't work in 3.4 either. Vaya con dios.

are you placing a shim jump rule in the forward chain to jump to your ppp chain? Otherwise these new chains are ignored.

Yes, that's the workaround, which creates unwelcome "invalid" displays in the firewall rule display.

Ciao

no no no ... it shouldnt be invalid. a single jump rule with no other specifiers (in-interface, out-interface, ips, etc should all be blank) and jump to chain=ppp. It has always been this way, even in 2.9. The dynamic jumps are placed in the ppp chain then and are used.

Sam

Well, it's invalid until the PPP user connects, then it becomes valid and applies the rules appropriately. It would be nice if it were valid at all times..

ah ... i think thats why ive seen a blank passthru rule at the top in the hotspot on the custom chains... can you enter a passthru rule with a comment and have it always be valid ?