setting up:

apt-get install pptpd

vi /etc/ppp/chap-secrets
#enter username pwd

vi /etc/pptpd.conf
-->
option /etc/ppp/pptpd-options
logwtmp
localip 198.142.70.106
remoteip 192.168.10.100-120

vi /etc/ppp/pptpd-options
-->
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
#ms-wins 10.0.0.3
#ms-wins 10.0.0.4
proxyarp
nodefaultroute
#debug
#dump
lock
nobsdcomp

vi /etc/syscto.conf
--> net.ipv4.ip_forward=1
sysctl -p



#block common attacks
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j D


iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -A INPUT -s 192.168.100.0/24 -i ppp0 -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -A FORWARD -i eth0 -j ACCEPT
iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

iptables -P POSTROUTING ACCEPT
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE


iptables -P INPUT DROP


sudo apt-get install iptables-persistent

#reverse
sudo iptables -D INPUT -j DROP
{rules}
sudo iptables -A INPUT -j DROP


#saving firewall rules:
sudo invoke-rc.d iptables-persistent save