[pf4freebsd] Re: Problem with ftp-proxy.
Pyun YongHyeon
yongari at kt-is.co.kr
Wed Sep 15 20:57:49 PDT 2004
On Wed, Dec 03, 2003 at 11:32:00AM +0000, Matteo Niccoli wrote:
> Hi,
>
> I'm using pf 2.0 on a FreeBSD 5.1 box. It works fine, but I have
> problem with ftp-proxy.
>
> This is my pf.conf
>
> nat on rl1 from 192.168.5.0/24 to any -> rl1
> rdr on rl0 proto tcp from 192.168.5.0/24 to any port 21 -> 127.0.0.1 8021
>
> pass in all
> pass out all
>
> .
>
> In inetd.conf I've enable ftp-proxy with this row:
>
> ftp-proxy stream tcp nowait root /usr/local/libexec/ftp-proxy ftp-proxy
> -u proxy -D 3
>
> But when i try to connect on a external ftp server from my pc in LAN,
> It doesn't works. Also, if I try to use ftp-proxy with adavanced ftp client,
> like gft, I can connect at ftp-proxy but doesn't work connection on
> another ftp.
>
It's not reproduable here. Both active and passive mode client works
well with ftp-proxy.(I don't know what advanced ftp client means. I
believe lukemftp is more RFC complient and has many useful features.)
rdr on rl0 proto tcp from 192.168.5.0/24 to any port 21 -> 127.0.0.1 8021
^^^^^
The above rule should be read as the following.
rdr on rl0 proto tcp from 192.168.5.0/24 to any port 21 -> 127.0.0.1 port 8021
In case of ftp-proxy errors, both /var/log/messages and /var/log/debug.log
would have recoreded errors. And you should have user 'proxy' and group
'proxy'.
> Bye.
>
Thanks.
Regards,
Pyun YongHyeon
--
Pyun YongHyeon <http://www.kr.freebsd.org/~yongari>
More information about the freebsd-pf
mailing list