Problems with pf + ftp-proxy on gateway
Peter
petermatulis at yahoo.ca
Tue Mar 28 19:06:11 UTC 2006
--- Renato Botelho <rbgarga at gmail.com> wrote:
> I'm trying to use pf + ftp-proxy n a 6.1-PRERELEASE machine.
>
> I have this line on inetd.conf:
>
> ftp-proxy stream tcp nowait root /usr/libexec/ftp-proxy
>
> ftp-proxy -n
>
> And this lines on pf.conf:
>
> rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port
> ftp-proxy
> pass in quick on $ext_if inet proto tcp from any port ftp-data to
> $ext_if:0 user proxy flags S/SA keep state
>
> When one machine inside my network (e.g. 192.168.x.x) connects to an
> external ftp server (e.g. ftp.FreeBSD.org), data connection doesn't
> work.
>
> Connection comes to my firewall and is accepted but connection is not
> established and stay like this here:
>
> self tcp 200.x.x.x:57625 <- 200.x.x.x:20 ESTABLISHED:FIN_WAIT_2
You need to decide whether you are working with passive ftp clients
(probably), active, or both.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the freebsd-stable
mailing list