pftpx rules not showing in pfctl

Michael Weiser michael at weiser.dinsnail.net
Thu Jul 7 18:17:37 GMT 2005


Hello,

this may sound ridiculous but I've actually managed to set up pftpx and
now can't seem to figure out why it works. :)

I've compiled pftpx on my FreeBSD-CURRENT box with some minor tweaking
because of missing stnvis. I added the required rules to my pf.conf:

nat-anchor "pftpx/*"
rdr-anchor "pftpx/*"
rdr on $intif inet proto tcp from any to any port 21 -> 127.0.0.1  port 8021

and

anchor "pftpx/*" on $dslif
pass out quick on $dslif inet proto tcp from $dslif port $unpriv to any port = ftp modulate state (no-sync) flags S/SA label $dslif-out-ftp

$dslif is xl0 for me. It's present on the anchor because I also have a
$pppif tun0 which is used occasionally and rules for it are defined
further down the filter list.

Anyway. I fired up pftpx -d -D 7 and lo, everything works nicely.

Then I went and said 'pfctl -a pftpx -s r' whilst running an ftp
download. No matter what I do, it says the rule list is empty. When
running it with '-s a' I see that there are entries for the ftp
connections in the state table, but still no rules.

Is it supposed to behave that way or should I be seeing some rule
entries?

Thanks in advance,
-- 
bye, Michael
