Bug 78842

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
The active-filter option in pppd does not work because filter support is not
enabled by default. This option is required for correct idle timeout hangup
behaviour. Right now pppd resets packet idle time counters for both incoming and
outgoing packets. This is problematic for users with dynamic IPs. Incoming
packets from unwanted services like file sharing servers (e.g Gnutella) reset
the idle time counter so pppd never kills the connection. This is not good for
users who pay for their online time. Setting up firewall rules does not help
because the firewall rules are checked after pppd handed the packet over to the
kernel.
The solution is to enable the filter service in pppd. With filtering enabled you
can use the option active-filter to setup special rules for the idle timeout
counters.
You only have to enable the variable FILTER=y in pppd/Makefile.linux. The option
requires a kernel with CONFIG_PPP_FILTER=y, but all current Red Hat kernels
already have this option enabled. Besides this libpcap is required. This problem
also applies to all earlier Red Hat versions 7.3, 7.2...


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. set an idle timeout for a ppp connection
2. the ppp connection is never killed when packets come IN 
3.
	

Additional info: