Debian Linix GRE protocol forwarding

You might want to check to see that you are monitoring the correct interface... When I ran the following command on eth0, I got no packets... but when I ran it on ppp0 I did.

Do an ifconfig and see if there are other interfaces.

firewall:/root # tcpdump -i ppp0 proto 47
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
20:15:34.259140 IP xxxx.dyndns.org > xxxx.nwc.acsalaska.net: call 1039 ack 4294967295 no-payload
20:15:34.280656 IP xxx.dyndns.org > xxxx.nwc.acsalaska.net: call 1039 seq 0 gre-ppp-payload

2 packets captured
3 packets received by filter
0 packets dropped by kernel

firewall:/root # tcpdump -i eth0 proto 47
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes

0 packets captured
0 packets received by filter
0 packets dropped by kernel

*ping* Did monitoring the ppp0 (or other encapsulated interface) show the GRE packets ?

No it didnt.

try

iptables -A OUPUT -p tcp --dport 47 -j LOG
iptables -A FORWARD -p tcp --dport 47 -j LOG
iptables -A INPUT -p tcp --dport 47 -j LOG

or UDP ..and then
tail -f /var/log/syslog and you will see the packets being logged if they are incoming/outgoing or being forwarded by the system

Thanks for the reply.  Interesting, I'm not seeing anything in the log files as I try to vpn through it.  I'm assuming that it means gre isn't passing through.