PF - ftp passive mode.

Gilberto Villani Brito linux at giboia.org
Fri May 12 12:20:47 UTC 2006


Hello,
I have an FTP server in a DMZ and this is not accepting passive connections.
I tried ipfw + natd and it works.
I am using these rules:
# rdr on em0 proto tcp from any to 200.250.23.1 port 21 -> 192.168.0.2 port 21
# rdr on em0 proto tcp from any to 200.250.23.1 port 49152:65535 -> 192.168.0.2 port 49152:65535

# pass in on em1 from 192.168.0.0/24 to any keep state
# pass out on em1 from any to 192.168.0.0/24 keep state

http://www.openbsd.org/faq/pf/ftp.html#natserver

What is the problem? Doesn't PF make NAT for passive FTP?

Gilberto

