PF, FTP problems fixed
Max Laier
max at love2party.net
Wed Nov 24 13:15:33 PST 2004
[Please fix your systemtime or timezone]
On Thursday 25 November 2004 09:28, Marcos Biscaysaqu - ThePacific.net wrote:
> Hi there.
> somebody know how to make this work on freebsd???
> ---------------------------------------------------------------------------
>
> Ok, bleeding edge pf people... I wrote a new FTP proxy called "pftpx" and
> I'd like to solicit some feedback from the community...
>
> Why should you try it? What advantages does pftpx offer?
> 1) it handles all ftp modes: PORT, PASV, EPRT, EPSV
> 2) it handles ipv6
> 3) it should scale: one process handles all sessions using libevent
> 4) it works with "strict" ftp clients (clients that want data connections
> to the same IP as the control connection)
>
>
> Quick guide:
> - you need libevent-0.8 (OpenBSD 3.6 has it)
Libevent is in ports (devel/libevent - version 0.9).
> - download http://www.sentia.org/downloads/pftpx-0.3.tar.gz
> - untar, make
> - add this to pf.conf in the nat section:
>
> nat-anchor "pftpx/*"
> rdr-anchor "pftpx/*"
That looks not so good. ".../*" anchors are a 3.6 thing, while FreeBSD is
en-par with 3.5. From a first look and common sense, I don't think it's a
requirement, but you might have to change some code to make it work.
> rdr pass on $if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
>
> - add this to pf.conf in the rule section:
>
> anchor "pftpx/*"
Same here.
> - run the proxy in debug mode: sudo pftpx -d -D7
> - ready to go...
>
> Sorry, no manpage yet, this is bleeding edge after all. Don't run this in
> production if your job depends on it. :-)
>
> All feedback welcome, also if you want to suggest a better name. :-)
I'd be more than happy to see this ported, looks useful!
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20041124/efbb2229/attachment.bin
More information about the freebsd-current
mailing list