pfS ftp-proxy binding to 127.0.0.1
Didier Wiroth
didier.wiroth at mcesr.etat.lu
Tue Dec 21 17:55:09 PST 2004
HI,
I'm still trying openbsd and freebsd.
I'm setting a pppoe router , using pf and ftp-proxy.
On openbsd you can bind ftp-proxy to the localhost address, openbsd's ftp-proxy only listens to 127.0.0.1 like this:
127.0.0.1:8021
On freebsd it listens on all ip addresses, here is the result of sockstat:
root inetd 750 4 tcp4 *:8021 *:*
I do understand that I can explicitly add a pf rule to deny or allow access to the proxy but to enforce security is it possible to bind ftp-proxy so that it only listens to the localhost.
thx
didier
More information about the freebsd-pf
mailing list