VPN сервер с использованием pptpd

привет. имею в квартире сервер с Gentoo 2.6.23.1 и парочку машин с виндами. решил тут настроить на сервере pptpd, чтобы с локалки был полный доступ в мою домашнюю сеть. Возникло несколько вопросов.

1) Почему то, когда к серверу подключается клиент, после создания интерфеса, default route идёт именно на него, хотя я в настройках options.pptpd ставлю опцию nodefaulroute. Как сделать, чтобы дефолт роут оставался старый?

вот мои настройки:

forger_server log # cat /etc/pptpd.conf | grep -v '#'
option /etc/ppp/options.pptpd
debug
logwtmp
localip 192.168.100.1
remoteip 192.168.100.10-254

forger_server log # cat /etc/ppp/options.pptpd | grep -v '#'
name forger_server
refuse-eap
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
mppe required,stateless
ms-dns 192.168.100.1
ms-dns 192.168.100.1
ms-wins 192.168.100.1
ms-wins 192.168.100.1
debug
dump
lock
nobsdcomp
novj
novjccomp
nologfd
mppc
mtu 1250
mru 1250
nodeflate
nodefaultroute
lcp-echo-interval 10
lcp-echo-failure 6

Это до подключения клиента:

forger_server log # ifconfig
eth0      Link encap:Ethernet  HWaddr 00:E0:4C:A1:85:60
          inet addr:10.13.8.0  Bcast:10.13.15.255  Mask:255.255.240.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:165451219 errors:0 dropped:0 overruns:0 frame:0
          TX packets:157568409 errors:0 dropped:0 overruns:1 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1389540404 (1325.1 Mb)  TX bytes:2878923123 (2745.5 Mb)
          Interrupt:17 Base address:0xe000

eth1      Link encap:Ethernet  HWaddr 00:14:85:59:CC:C9
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:123047765 errors:0 dropped:0 overruns:0 frame:0
          TX packets:110747314 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1852975815 (1767.1 Mb)  TX bytes:4161334533 (3968.5 Mb)
          Interrupt:18 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3934424 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3934424 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:411185422 (392.1 Mb)  TX bytes:411185422 (392.1 Mb)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:10.222.254.18  P-t-P:192.168.250.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1250  Metric:1
          RX packets:1902587 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3321999 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:157568057 (150.2 Mb)  TX bytes:3851260532 (3672.8 Mb)

forger_server log # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
83.102.249.178  10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
85.21.72.83     10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
195.14.50.1     10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
192.168.250.2   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
195.14.50.21    10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
89.179.135.66   10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
195.14.50.26    10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
89.179.135.67   10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
83.102.248.1    10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
85.21.208.254   10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
195.14.50.93    10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.13.0.0       0.0.0.0         255.255.240.0   U     0      0        0 eth0
10.0.0.0        10.13.0.1       255.0.0.0       UG    0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0

Это после подключения клиента:

forger_server log # ifconfig
eth0      Link encap:Ethernet  HWaddr 00:E0:4C:A1:85:60
          inet addr:10.13.8.0  Bcast:10.13.15.255  Mask:255.255.240.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:165452545 errors:0 dropped:0 overruns:0 frame:0
          TX packets:157568471 errors:0 dropped:0 overruns:1 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1389659408 (1325.2 Mb)  TX bytes:2878928430 (2745.5 Mb)
          Interrupt:17 Base address:0xe000

eth1      Link encap:Ethernet  HWaddr 00:14:85:59:CC:C9
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:123047899 errors:0 dropped:0 overruns:0 frame:0
          TX packets:110747467 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1852987315 (1767.1 Mb)  TX bytes:4161361418 (3968.5 Mb)
          Interrupt:18 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3934441 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3934441 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:411187062 (392.1 Mb)  TX bytes:411187062 (392.1 Mb)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:10.222.254.18  P-t-P:192.168.250.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1250  Metric:1
          RX packets:1902603 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3322016 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:157570365 (150.2 Mb)  TX bytes:3851261392 (3672.8 Mb)

ppp1      Link encap:Point-to-Point Protocol
          inet addr:192.168.100.1  P-t-P:192.168.100.10  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1250  Metric:1
          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:1371 (1.3 Kb)  TX bytes:122 (122.0 b)

forger_server log # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
83.102.249.178  10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
85.21.72.83     10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
195.14.50.1     10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
192.168.250.2   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
195.14.50.21    10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
89.179.135.66   10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
195.14.50.26    10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
89.179.135.67   10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
192.168.100.10  0.0.0.0         255.255.255.255 UH    0      0        0 ppp1
83.102.248.1    10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
85.21.208.254   10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
195.14.50.93    10.13.0.1       255.255.255.255 UGH   0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.13.0.0       0.0.0.0         255.255.240.0   U     0      0        0 eth0
10.0.0.0        10.13.0.1       255.0.0.0       UG    0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp1
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0

Это логи подключения (пока тестирую коннекчусь с домашней локалки, с одного из компов):

Mar  8 13:04:09 forger_server pptpd[3083]: MGR: Launching /usr/sbin/pptpctrl to handle client
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: local address = 192.168.100.1
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: remote address = 192.168.100.10
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: pppd options file = /etc/ppp/options.pptpd
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Client 192.168.0.3 control connection started
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Received PPTP Control Message (type: 1)
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Made a START CTRL CONN RPLY packet
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: I wrote 156 bytes to the client.
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Sent packet to client
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Received PPTP Control Message (type: 7)
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Made a OUT CALL RPLY packet
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Starting call (launching pppd, opening GRE)
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: pty_fd = 9
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: tty_fd = 10
Mar  8 13:04:09 forger_server pptpd[3084]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Mar  8 13:04:09 forger_server pptpd[3084]: CTRL (PPPD Launcher): local address = 192.168.100.1
Mar  8 13:04:09 forger_server pptpd[3084]: CTRL (PPPD Launcher): remote address = 192.168.100.10
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: I wrote 32 bytes to the client.
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Sent packet to client
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Received PPTP Control Message (type: 15)
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Mar  8 13:04:09 forger_server pppd[3084]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Mar  8 13:04:09 forger_server pppd[3084]: pptpd-logwtmp: $Version$
Mar  8 13:04:09 forger_server pppd[3084]: pppd options in effect:
Mar  8 13:04:09 forger_server pppd[3084]: debug         # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: nologfd               # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: dump          # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: plugin /usr/lib/pptpd/pptpd-logwtmp.so                # (from command line)
Mar  8 13:04:09 forger_server pppd[3084]: require-mschap-v2             # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: refuse-pap            # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: refuse-chap           # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: refuse-mschap         # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: refuse-eap            # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: name forger_server            # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: pptpd-original-ip 192.168.0.3         # (from command line)
Mar  8 13:04:09 forger_server pppd[3084]: 115200                # (from command line)
Mar  8 13:04:09 forger_server pppd[3084]: lock          # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: local         # (from command line)
Mar  8 13:04:09 forger_server pppd[3084]: mru 1250              # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: mtu 1250              # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: lcp-echo-failure 6            # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: lcp-echo-interval 10          # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: novj          # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: novjccomp             # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: ipparam 192.168.0.3           # (from command line)
Mar  8 13:04:09 forger_server pppd[3084]: ms-dns xxx # [don't know how to print value]          # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: ms-wins xxx # [don't know how to print value]         # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: nodefaultroute                # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: 192.168.100.1:192.168.100.10          # (from command line)
Mar  8 13:04:09 forger_server pppd[3084]: nobsdcomp             # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: nodeflate             # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: mppc          # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: mppe xxx # [don't know how to print value]            # (from /etc/ppp/options.pptpd)
Mar  8 13:04:09 forger_server pppd[3084]: pppd 2.4.4 started by root, uid 0
Mar  8 13:04:09 forger_server pppd[3084]: using channel 613
Mar  8 13:04:09 forger_server pppd[3084]: Using interface ppp1
Mar  8 13:04:09 forger_server pppd[3084]: Connect: ppp1 <--> /dev/pts/15
Mar  8 13:04:09 forger_server pppd[3084]: sent [LCP ConfReq id=0x1 <mru 1250> <asyncmap 0x0> <auth chap MS-v2> <magic 0x1bba555a> <pcomp> <accomp>]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x25301121> <pcomp> <accomp> <callback CBCP>]
Mar  8 13:04:09 forger_server pppd[3084]: sent [LCP ConfRej id=0x0 <callback CBCP>]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [LCP ConfAck id=0x1 <mru 1250> <asyncmap 0x0> <auth chap MS-v2> <magic 0x1bba555a> <pcomp> <accomp>]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x25301121> <pcomp> <accomp>]
Mar  8 13:04:09 forger_server pppd[3084]: sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x25301121> <pcomp> <accomp>]
Mar  8 13:04:09 forger_server pppd[3084]: sent [LCP EchoReq id=0x0 magic=0x1bba555a]
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Received PPTP Control Message (type: 15)
Mar  8 13:04:09 forger_server pptpd[3083]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Mar  8 13:04:09 forger_server pppd[3084]: sent [CHAP Challenge id=0x3a <4dce994741e91649f06b4fd1fbc49753>, name = "forger_server"]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [LCP Ident id=0x2 magic=0x25301121 "MSRASV5.10"]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [LCP Ident id=0x3 magic=0x25301121 "MSRAS-1-FORGER"]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [LCP EchoRep id=0x0 magic=0x25301121]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [CHAP Response id=0x3a <4023e32c3f671dcc5bc2ddef7bc53f35000000000000000072ad3fe5fa0f5d91e1ab7d35629f2cc0c48fe6acc00af29100>, name = "forger"]
Mar  8 13:04:09 forger_server pppd[3084]: sent [CHAP Success id=0x3a "S=7368DE95A597230B5A7952761B6BFB29D993CBAF M=Access granted"]
Mar  8 13:04:09 forger_server pppd[3084]: sent [CCP ConfReq id=0x1 <mppe +H +M +S +L -D -C>]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]
Mar  8 13:04:09 forger_server pppd[3084]: sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [IPCP ConfReq id=0x5 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
Mar  8 13:04:09 forger_server pppd[3084]: sent [IPCP TermAck id=0x5]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
Mar  8 13:04:09 forger_server pppd[3084]: sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [CCP ConfReq id=0x6 <mppe +H -M +S -L -D -C>]
Mar  8 13:04:09 forger_server pppd[3084]: sent [CCP ConfAck id=0x6 <mppe +H -M +S -L -D -C>]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
Mar  8 13:04:09 forger_server pppd[3084]: MPPE 128-bit stateless compression enabled
Mar  8 13:04:09 forger_server pppd[3084]: sent [IPCP ConfReq id=0x1 <addr 192.168.100.1>]
Mar  8 13:04:09 forger_server pppd[3084]: rcvd [IPCP ConfAck id=0x1 <addr 192.168.100.1>]
Mar  8 13:04:11 forger_server pppd[3084]: rcvd [IPCP ConfReq id=0x7 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
Mar  8 13:04:11 forger_server pppd[3084]: sent [IPCP ConfNak id=0x7 <addr 192.168.100.10> <ms-dns1 192.168.100.1> <ms-wins 192.168.100.1> <ms-dns3 192.168.100.1> <ms-wins 192.168.100.1>]
Mar  8 13:04:11 forger_server pppd[3084]: rcvd [IPCP ConfReq id=0x8 <addr 192.168.100.10> <ms-dns1 192.168.100.1> <ms-wins 192.168.100.1> <ms-dns3 192.168.100.1> <ms-wins 192.168.100.1>]
Mar  8 13:04:11 forger_server pppd[3084]: sent [IPCP ConfAck id=0x8 <addr 192.168.100.10> <ms-dns1 192.168.100.1> <ms-wins 192.168.100.1> <ms-dns3 192.168.100.1> <ms-wins 192.168.100.1>]
Mar  8 13:04:11 forger_server pppd[3084]: local  IP address 192.168.100.1
Mar  8 13:04:11 forger_server pppd[3084]: remote IP address 192.168.100.10
Mar  8 13:04:11 forger_server pppd[3084]: pptpd-logwtmp.so ip-up ppp1 forger 192.168.0.3
Mar  8 13:04:11 forger_server pppd[3084]: Script /etc/ppp/ip-up started (pid 3087)
Mar  8 13:04:11 forger_server pppd[3084]: Script /etc/ppp/ip-up finished (pid 3087), status = 0x0

2) Есть такая опция для pppd как unit n, для того, чтобы номер интерфейсу назначать... Так вот, можно ли как нибудь сделать так, чтобы этот параметр n менялся... например чтобы он равнялся последнему октету выдаваемого клиенту айпишника?