From owner-freebsd-current@FreeBSD.ORG  Tue Sep  7 21:53:48 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CC7CD16A4CE
	for <current@freebsd.org>; Tue,  7 Sep 2004 21:53:48 +0000 (GMT)
Received: from moutng.kundenserver.de (moutng.kundenserver.de
	[212.227.126.185])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3263543D2F
	for <current@freebsd.org>; Tue,  7 Sep 2004 21:53:48 +0000 (GMT)
	(envelope-from max@love2party.net)
Received: from [212.227.126.206] (helo=mrelayng.kundenserver.de)
	by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
	id 1C4nuJ-0008JQ-00; Tue, 07 Sep 2004 23:53:43 +0200
Received: from [84.128.134.134] (helo=donor.laier.local)
	by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128)
	(Exim 3.35 #1)
	id 1C4nuI-0000TN-00; Tue, 07 Sep 2004 23:53:43 +0200
From: Max Laier <max@love2party.net>
To: Divacky Roman <xdivac02@stud.fit.vutbr.cz>
Date: Tue, 7 Sep 2004 23:52:06 +0200
User-Agent: KMail/1.6.2
References: <20040906132813.GA53245@stud.fit.vutbr.cz>
	<20040907075758.GA19752@stud.fit.vutbr.cz>
	<20040907113838.GA34373@stud.fit.vutbr.cz>
In-Reply-To: <20040907113838.GA34373@stud.fit.vutbr.cz>
MIME-Version: 1.0
Content-Type: multipart/signed;
  protocol="application/pgp-signature";
  micalg=pgp-sha1;
  boundary="Boundary-02=_N2iPBHF5KJYHvTL";
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <200409072352.13676.max@love2party.net>
X-Provags-ID: kundenserver.de abuse@kundenserver.de
	auth:61c499deaeeba3ba5be80f48ecc83056
cc: current@freebsd.org
Subject: Re: ftp-proxy@pf not working on recent current and/or RELENG_5
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Sep 2004 21:53:49 -0000


--Boundary-02=_N2iPBHF5KJYHvTL
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

[ Sorry for the late reply, I was in Zuerich for SuCon and didn't anticipat=
e=20
the long(er) time away from mail (certainly my fault, not the organizer's o=
r=20
the like). The conference was great, consider attending next year! ]

to the actual problem: Looks like you missed a serious mergemaster round. A=
t=20
least you do not seem to have a:
 ftp-proxy      8021/tcp   # FTP proxy
line in your /etc/services

Did you submit any PR?

On Tuesday 07 September 2004 13:38, Divacky Roman wrote:
> by setting debug level to -D3 I am getting this in /var/log/messages
> Sep  7 13:28:50 queeg500 ftp-proxy[845]: getsockname() failed (Socket
> operation on non-socket)
>
> so something is obviously wrong...
>
> pls take a look at it - I consider it a serious bug
>
> On Tue, Sep 07, 2004 at 09:57:58AM +0200, Divacky Roman wrote:
> > seems like inetd doesnt even try to run ftp-proxy
> >
> > ie. when I issue ftp on nated machine and see what inetd is doing it in=
 S
> > state (ie. sleeping for more than 20 seconds)
> >
> > On Mon, Sep 06, 2004 at 03:28:13PM +0200, Divacky Roman wrote:
> > > Hi,
> > >
> > > with this pf.conf and PROPERLY set up inetd I am not able to use
> > > ftp-proxy... it simply doesnt work and I am pretty sure it worked
> > > before. I see this on RELENG_5 and on -CURRENT too... If I am doing
> > > anything wrong pls tell me
> > >
> > > pf.conf:
> > >
> > > ext_if=3D"vr0"
> > > int_if=3D"xl0"
> > >
> > > #normalize packets
> > > scrub in all
> > >
> > > altq on $ext_if bandwidth 256Kb cbq queue {ssh_i web other}
> > > queue ssh_i bandwidth 25% cbq(borrow ecn)
> > > queue web bandwidth 25% cbq(borrow ecn)
> > > queue other bandwidth 50% cbq(borrow default ecn)
> > >
> > > #ftp redirection
> > > rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 80=
21
> > > #nat
> > > nat on $ext_if from $int_if:network to any -> ($ext_if)
> > >
> > > #rules
> > > #default to block all
> > > block in on $ext_if all
> > > #pass all out while keeping state. and queue it
> > > pass out on $ext_if from any to any keep state queue other
> > > #queuing
> > > pass on $ext_if proto tcp from any to any port ssh keep state
> > > queue(ssh_i, other) pass out on $ext_if proto tcp from any to any port
> > > http keep state queue web #ftp proxy
> > > pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep
> > > state queue other #allow icmp
> > > pass in on $ext_if inet proto icmp from any to any

=2D-=20
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

--Boundary-02=_N2iPBHF5KJYHvTL
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (FreeBSD)

iD8DBQBBPi2NXyyEoT62BG0RAvtNAJ9ToKbpmm4QE2ZM/r00etdw1Zgl8QCdGnoe
XVCDSueDcCyHDolNgnL707E=
=082d
-----END PGP SIGNATURE-----

--Boundary-02=_N2iPBHF5KJYHvTL--