[pf4freebsd] Re: Problem with ftp-proxy.
Gregory P. Smith
greg at electricrain.com
Wed Sep 15 20:57:54 PDT 2004
These are my rules that work for ftp proxy on my nat+firewall system.
Are you missing a 'port' between 127.0.0.1 and 8021? (or is that implied
in pf?)
.........
nat on $ext_if from $int_if:network to any -> ($ext_if)
# This redirection is for a local ftp proxy so that FTP clients on the
# local network can connect to FTP servers on the int-uh-net without
# requiring PASV ftp:
rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port ftp-proxy
### ftp-proxy is run as user 'proxy' to open inbound data connection sockets
pass in on $ext_if inet proto tcp from any to $ext_if \
user proxy keep state
.........
On Wed, Dec 03, 2003 at 11:32:00AM +0000, Matteo Niccoli wrote:
> Hi,
>
> I'm using pf 2.0 on a FreeBSD 5.1 box. It works fine, but I have
> problem with ftp-proxy.
>
> This is my pf.conf
>
> nat on rl1 from 192.168.5.0/24 to any -> rl1
> rdr on rl0 proto tcp from 192.168.5.0/24 to any port 21 -> 127.0.0.1 8021
>
> pass in all
> pass out all
>
> .
>
> In inetd.conf I've enable ftp-proxy with this row:
>
> ftp-proxy stream tcp nowait root /usr/local/libexec/ftp-proxy ftp-proxy
> -u proxy -D 3
>
> But when i try to connect on a external ftp server from my pc in LAN,
> It doesn't works. Also, if I try to use ftp-proxy with adavanced ftp client,
> like gft, I can connect at ftp-proxy but doesn't work connection on
> another ftp.
>
> Bye.
>
More information about the freebsd-pf
mailing list