Most useful pppd active-filter string for Linux

If a (RH) linux pppd daemon is set up to "dial on demand" and hold the
line open while legitimate/solicited packets are passed across it; given
the number of unsloicited packets comming across a dialup link:
P2P (KaZaA edonkey etc), Microsft servers ports (137 etc), unsolicited
pings (icmp[0]=8), etc,etc;

What is the most useful string to put in the active-filter line of the
/etc/ppp/options file so that the line only stays up for genuine
connections (including FTP (none passive) client sessions and
outgoing pings)?

NB This is a posting of a question about the packets keeping a
linux PPP link up, it is NOT about firewalls (ipconfig/iptables).

pbs wrote:

> Hum, I suppose that if icmp echo is not firewalled off, echo reply
> "or (icmp[0] = 0 )" would need to be included in the list to stop a
> remote machine holding the line open with pings.
>

LOL - yes, they weren't a problem back then - getting loads at the moment.

firewall + outbound is the way to go.

Andy.