mpd5.7 pptp_client

default:
	load pptp_client

pptp_client:
	create bundle static IP_BUNDLE
	
	set ipcp ranges 0.0.0.0/0 0.0.0.0/0
	set bundle enable compression
	set ccp yes mppc
	set mppc yes e128
	set mppc yes stateless
#дело в том что мне не нужно чтобы впн был route default
# 	set iface route default
#	set iface up-script /usr/local/etc/mpd5/ip-up.sh
#	set iface down-script /usr/local/etc/mpd5/ip-down.sh
	
	create link static IP_LINK pptp
	set link action bundle IP_BUNDLE
	set auth authname vpnbook
	set auth password *******
	set link no eap pap chap
	set link accept chap-msv2
	set link max-redial 0
	set link mtu 1360
	set link keep-alive 20 75
	set pptp peer uk1.vpnbook.com
	set pptp enable windowing
	open

ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1356
	inet 172.16.36.71 --> 172.16.36.1 netmask 0xffffffff

$ curl -vvvv --interface ng0 http://ip.bjango.com/
* Adding handle: conn: 0x801cdc300
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x801cdc300) send_pipe: 1, recv_pipe: 0
* About to connect() to ip.bjango.com port 80 (#0)
*   Trying 64.79.143.19...
* Local Interface ng0 is ip 172.16.36.71 using address family 2
* Local port: 0
* Operation timed out
* Failed connect to ip.bjango.com:80; Operation timed out
* Closing connection 0
curl: (7) Failed connect to ip.bjango.com:80; Operation timed out

$ netstat -rnW -finet
Routing tables
Internet:
Destination        Gateway            Flags    Refs      Use    Mtu    Netif Expire
default            xx.xx.xxx.62      UGS         2    69095   1500      em0
xx.xx.xxx.0/26     link#2             U           0        0   1500      em0
xx.xx.xxx.34       link#2             UHS         0        0  16384      lo0
xx.xx.xxx.44       link#2             UHS         0        0  16384      lo0
127.0.0.1          link#6             UH          0     4436  16384      lo0
172.16.36.1        link#9             UH          0        0   1356      ng0
172.16.36.71       link#9             UHS         0        0  16384      lo0

$ pfctl -ss
STATES:
em0 gre xx.xx.xxx.34 -> 46.23.68.178       MULTIPLE:MULTIPLE
em0 tcp xx.xx.xxx.34:45202 -> 46.23.68.178:1723       ESTABLISHED:ESTABLISHED
em0 tcp xx.xx.xxx.34:80 <- xx.xx.xx.96:62030       FIN_WAIT_2:FIN_WAIT_2
em0 tcp xx.xx.xxx.44:80 <- xx.xx.xx.96:62100       FIN_WAIT_2:FIN_WAIT_2
em0 tcp 172.16.36.71:19739 -> 64.79.143.19:80       SYN_SENT:CLOSED

$ pfctl -sn
nat on em0 inet from 192.168.2.3 to any -> (ng0) round-robin

$ grep pptp /etc/pf.conf
table <pptp_client> persist { uk1.vpnbook.com, 46.23.68.178, 172.16.36.0/24 }

pass  log  quick on em0 inet from  <pptp_client>  to any  label "RULE 15 -- vpn"
pass  log  quick on em0 inet proto tcp  from any  to <pptp_client> port 1723 flags any  label "RULE 16 -- vpn conncet"  
pass  log  quick on em0 inet proto gre  from any  to <pptp_client>  label "RULE 17 -- vpn gre"