proxies
Dmitry Andrianov
dimas at dataart.com
Sat Jul 8 19:41:41 UTC 2006
> we do it a bit different way.
> man ftp-proxy
Well, it is _completely_ different way. It is only applicable on the
gateway router (which performs NAT) but can not be used on our internal
router because this way FTP server does not see client's real IP.
There are two different things:
a) punching holes in the firewall to accept related connections
b) "patching" traffic to translate Ips contained in the application
level data
On the NAT-less router I obviously only need first. The approach you
suggesting always do both and there is no way of avoiding second.
> that's for FTP, but a similar program can be constructed for different
protocolls
Actually, my question was if PPTP, H323 etc modules _already_ available.
>From your anwser I guess no...
Thanks
Regards,
Dmitry Andrianov
More information about the freebsd-pf
mailing list