ftp-proxy, PF not working with FTP traffic
Marcos Biscaysaqu - ThePacific.net
marcos at ThePacific.Net
Fri Oct 22 16:16:18 PDT 2004
Marcos Biscaysaqu - ThePacific.net wrote:
> Lawrence Farr wrote:
>
>>> somebody know how fix this, or if it another option to make work ftp
>>> clients no PF?
>>>
>>> thanks
>>> Marcos
>>>
>>
>>
>> In inetd.conf I'm using:
>>
>> ftp-proxy stream tcp nowait root /usr/libexec/ftp-proxy
>> ftp-proxy -a 1.2.3.4 -m 55000 -M 57000 -t 180
>>
>> Where 1.2.3.4 is my external IP
>>
>> And my PF rule is:
>>
>> pass quick proto tcp from <inets> to any port { ftp, ftp-data, > 49151 }
>>
>> Where <inets> is my internal network range.
>>
>> _______________________________________________
>> freebsd-current at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-current
>> To unsubscribe, send any mail to
>> "freebsd-current-unsubscribe at freebsd.org"
>>
>>
>>
>>
> Hi there,
>
> are you missing the redirection? "rdr on $int_if proto tcp from any
> to any port 21 -> 127.0.0.1 port 8021", anyway I tried this and still
> doesn't work, the problem it is some ftp clients are waiting the data
> connection from the IP of the ftp server, but the data it is coming
> back from my external ip number which make the ftp client drop the
> connections..
> Only work for ftp clients who accept data from a different ip
> number than the control ftp connection which it is very wrong. try
> with NCFTP as client with "passive mode of"
>
> thanks
> Marcos
>
>
>
More information about the freebsd-current
mailing list