Hello,
I did this by running the first instance of ftp-proxy in rc.conf.local
via ftpproxy_flags="" and the other instance of ftp-proxy in rc.local
with the extra flags.
HTH
openbsd@e-solutions.re wrote:
> Hi,
>
> I want to let users use the FTP protocol,
> and authorise users from outside to access our FTP server.
> So, I wrote this:
>
> In my rc.conf.local, I added these 2 lines:
> ftpproxy_flags=""
> ftpproxy_flags="-R 172.17.2.21 -p 21 -b 10.10.10.10"
> Is it good? (My FTP server is 172.17.2.21 and Ext_IP: 10.10.10.10)
> At reboot, I have only 1 ftp-proxy started, is it normal?
> It is an OpenBSD Gateway (4.6)
>
> In my pf.conf I added:
>
> (I already have "forward out" rule lines for egress in tcp/udp)
> nat-anchor "ftp-proxy/*"
> rdr-anchor "ftp-proxy/*"
> nat-anchor "ftp-proxy/*"
> rdr-anchor "ftp-proxy/*"
> rdr on $int_if proto tcp from any to !$ftpserver port 21 -> 127.0.0.1 \
> port 8021
> anchor "ftp-proxy/*"
> pass in on $int proto tcp from $lan:network to any port 8021
>
> pass in on $ext inet proto tcp to $ext_ip port 21 \
> flags S/SA keep state
> pass out on $int inet proto tcp to $ftpserver port 21 \
> user proxy flags S/SA keep state
> anchor "ftp-proxy/*"
>
> Is it good?
> Thanks for your reply.