Re: FTP proxy

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Peter N. M. Hansteen

Date: Friday, May 25, 2007 - 3:54 am

"Alberich de megres" <alberich2k5@gmail.com> writes:

quoted text> But i got this on my rc.local.conf yet.. Are the pass in and out
> rules for ftp and ftp-data ports right?

your nat rule looks a bit strange, I have 

nat on $ext_if from $int_if:network to any -> ($ext_if) static-port

The ftp related rules I have are essentially pasted from the ftp-proxy
man page, yours differ somewhat.

I have 

# [...]
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"

# [...]

rdr pass on $int_if proto tcp from $lan to any port ftp -> 127.0.0.1 port 8021

# [...]
anchor "ftp-proxy/*"

pass out proto tcp from $proxy to any port ftp

quoted text> I add them at my own risk.. none in openbsd ftp and pf issues page
> and google tell nothing about this.  Any help?  Thanks

I don't want to appear rude, but there are the ftp-proxy man pages,
the PF faq and a certain tutorial out there at least.  A bit odd if
you couln't find any info.

Hope this helps,
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

FTP proxy, Alberich de megres, (Fri May 25, 2:33 am)

Re: FTP proxy, Peter N. M. Hansteen, (Fri May 25, 2:46 am)

Re: FTP proxy, Alberich de megres, (Fri May 25, 3:42 am)

Re: FTP proxy, Peter N. M. Hansteen, (Fri May 25, 3:54 am)

Re: FTP proxy, Alberich de megres, (Fri May 25, 4:30 am)

Re: FTP proxy, Peter N. M. Hansteen, (Fri May 25, 4:41 am)

Re: FTP proxy, Alberich de megres, (Fri May 25, 4:51 am)

Re: FTP proxy, Peter N. M. Hansteen, (Fri May 25, 4:55 am)


linux-kernel:
Ken Chen	[patch] sched: fix inconsistency when redistribute per-cpu tg->cfs_rq shares.
Ingo Molnar	Re: [PATCH v3] x86: merge the simple bitops and move them to bitops.h
Andi Kleen	Re: - romsignature-checksum-cleanup-2.patch removed from -mm tree
Axel Lin	[PATCH] tc6393xb: fix wrong goto labels for error handling
Matthew Wilcox	Re: 2.6.22-rc3-mm1
git:
Johannes Schindelin	Re: [PATCH 05/21] Make parse_tag_buffer_internal() handle item == NULL
Johannes Sixt	Re: [PATCH] Fix handle leak in builtin-pack-objects
Linus Torvalds	Re: [PATCH, take 1] Linear-time/space rename logic (exact renames only)
Alex Riesen	Re: [PATCH] fmt-merge-msg: avoid open "-\|" list form for Perl 5.6
Nicolas Pitre	Re: [PATCH 2/2] Implement a simple delta_base cache
git-commits-head:
Linux Kernel Mailing List	V4L/DVB (8018): Add em2860 chip ID
Linux Kernel Mailing List	PCI: fix kernel oops on bridge removal
Linux Kernel Mailing List	rtl8187: use DMA-aware buffers with usb_control_msg
Linux Kernel Mailing List	Blackfin: use KERN_ALERT in all kgdb_test output
Linux Kernel Mailing List	MIPS: Bonito64: Make Loongson independent from Bonito64 code.
linux-netdev:
Richard Cochran	Re: [PATCH v3 3/3] ptp: Added a clock that uses the eTSEC found on the MPC85xx.
David Miller	Re: [RFC] bridge: STP timer management range checking
Herbert Xu	Re: [RFC PATCH 00/17] virtual-bus
Lennert Buytenhek	Re: [PATCH 3/6] [NET] dsa: add support for original DSA tagging format
Herbert Xu	Re: [2/2] igb: Replace LRO with GRO
freebsd-current:
Boris Samorodov	Re: twa + dump = sbwait
Andrey	Re: RELENG_7 and HEAD: bge causes system hang
韓家標 Bill Hacker	Re: ZFS honesty
samira	sata atapi on ich9r
JoaoBR	Re: I like my rc.d boot messages :(