For PPTP I do this for logging:
Code: Select all
14 ;;; PPTP-VPN rules
chain=input action=accept protocol=tcp dst-port=1723
15 chain=input action=log protocol=gre log-prefix=""
16 chain=input action=accept protocol=gre
However, I get more than a 100 hits on port 443 every day. How can I log whether a SSTP tunnel has been established with success vs just another harmless port scanner driving by?
Regards,
Jeroen