ftp-proxy@pf not working on recent current and/or RELENG_5

Tue Sep 7 14:53:49 PDT 2004

[ Sorry for the late reply, I was in Zuerich for SuCon and didn't anticipate 
the long(er) time away from mail (certainly my fault, not the organizer's or 
the like). The conference was great, consider attending next year! ]

to the actual problem: Looks like you missed a serious mergemaster round. At 
least you do not seem to have a:
 ftp-proxy      8021/tcp   # FTP proxy
line in your /etc/services

Did you submit any PR?

On Tuesday 07 September 2004 13:38, Divacky Roman wrote:
> by setting debug level to -D3 I am getting this in /var/log/messages
> Sep  7 13:28:50 queeg500 ftp-proxy[845]: getsockname() failed (Socket
> operation on non-socket)
>
> so something is obviously wrong...
>
> pls take a look at it - I consider it a serious bug
>
> On Tue, Sep 07, 2004 at 09:57:58AM +0200, Divacky Roman wrote:
> > seems like inetd doesnt even try to run ftp-proxy
> >
> > ie. when I issue ftp on nated machine and see what inetd is doing it in S
> > state (ie. sleeping for more than 20 seconds)
> >
> > On Mon, Sep 06, 2004 at 03:28:13PM +0200, Divacky Roman wrote:
> > > Hi,
> > >
> > > with this pf.conf and PROPERLY set up inetd I am not able to use
> > > ftp-proxy... it simply doesnt work and I am pretty sure it worked
> > > before. I see this on RELENG_5 and on -CURRENT too... If I am doing
> > > anything wrong pls tell me
> > >
> > > pf.conf:
> > >
> > > ext_if="vr0"
> > > int_if="xl0"
> > >
> > > #normalize packets
> > > scrub in all
> > >
> > > altq on $ext_if bandwidth 256Kb cbq queue {ssh_i web other}
> > > queue ssh_i bandwidth 25% cbq(borrow ecn)
> > > queue web bandwidth 25% cbq(borrow ecn)
> > > queue other bandwidth 50% cbq(borrow default ecn)
> > >
> > > #ftp redirection
> > > rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
> > > #nat
> > > nat on $ext_if from $int_if:network to any -> ($ext_if)
> > >
> > > #rules
> > > #default to block all
> > > block in on $ext_if all
> > > #pass all out while keeping state. and queue it
> > > pass out on $ext_if from any to any keep state queue other
> > > #queuing
> > > pass on $ext_if proto tcp from any to any port ssh keep state
> > > queue(ssh_i, other) pass out on $ext_if proto tcp from any to any port
> > > http keep state queue web #ftp proxy
> > > pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep
> > > state queue other #allow icmp
> > > pass in on $ext_if inet proto icmp from any to any

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: signature
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20040907/87fdf943/attachment-0001.bin