pfS ftp-proxy binding to 127.0.0.1
Jeremie Le Hen
jeremie at le-hen.org
Wed Dec 22 22:05:15 PST 2004
On Wed, Dec 22, 2004 at 02:55:07AM +0100, Didier Wiroth wrote:
> HI,
> I'm still trying openbsd and freebsd.
>
> I'm setting a pppoe router , using pf and ftp-proxy.
> On openbsd you can bind ftp-proxy to the localhost address, openbsd's
> ftp-proxy only listens to 127.0.0.1 like this:
> 127.0.0.1:8021
>
> On freebsd it listens on all ip addresses, here is the result of sockstat:
> root inetd 750 4 tcp4 *:8021 *:*
>
> I do understand that I can explicitly add a pf rule to deny or allow
> access to the proxy but to enforce security is it possible to bind
> ftp-proxy so that it only listens to the localhost.
This may be a bit off-topic, but you may want to have a look at a new
FTP proxy for pf(4): pftpx
http://marc.theaimsgroup.com/?l=openbsd-misc&m=110129991118018&w=2
Regards,
--
Jeremie Le Hen
jeremie at le-hen.org
More information about the freebsd-pf
mailing list