From owner-freebsd-current@FreeBSD.ORG Tue Sep 7 11:38:44 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 06C8416A4CE; Tue, 7 Sep 2004 11:38:44 +0000 (GMT) Received: from eva.fit.vutbr.cz (eva.fit.vutbr.cz [147.229.10.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 161D043D4C; Tue, 7 Sep 2004 11:38:43 +0000 (GMT) (envelope-from xdivac02@stud.fit.vutbr.cz) Received-SPF: pass (eva.fit.vutbr.cz: domain of xdivac02@eva.fit.vutbr.cz designates 127.0.0.1 as permitted sender) receiver=eva.fit.vutbr.cz; client_ip=127.0.0.1; envelope-from=xdivac02@eva.fit.vutbr.cz; Received: from eva.fit.vutbr.cz (localhost [127.0.0.1]) by eva.fit.vutbr.cz (8.12.11/8.12.11) with ESMTP id i87BcdDm034412 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Tue, 7 Sep 2004 13:38:39 +0200 (CEST) Received: (from xdivac02@localhost) by eva.fit.vutbr.cz (8.12.11/8.12.5/Submit) id i87BccCH034411; Tue, 7 Sep 2004 13:38:38 +0200 (CEST) Date: Tue, 7 Sep 2004 13:38:38 +0200 From: Divacky Roman To: current@freebsd.org Message-ID: <20040907113838.GA34373@stud.fit.vutbr.cz> References: <20040906132813.GA53245@stud.fit.vutbr.cz> <20040907075758.GA19752@stud.fit.vutbr.cz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040907075758.GA19752@stud.fit.vutbr.cz> User-Agent: Mutt/1.4.2i X-Scanned-By: MIMEDefang 2.16 (www . roaringpenguin . com / mimedefang) cc: mlaier@freebsd.org Subject: Re: ftp-proxy@pf not working on recent current and/or RELENG_5 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Sep 2004 11:38:44 -0000 by setting debug level to -D3 I am getting this in /var/log/messages Sep 7 13:28:50 queeg500 ftp-proxy[845]: getsockname() failed (Socket operation on non-socket) so something is obviously wrong... pls take a look at it - I consider it a serious bug On Tue, Sep 07, 2004 at 09:57:58AM +0200, Divacky Roman wrote: > seems like inetd doesnt even try to run ftp-proxy > > ie. when I issue ftp on nated machine and see what inetd is doing it in S state > (ie. sleeping for more than 20 seconds) > > On Mon, Sep 06, 2004 at 03:28:13PM +0200, Divacky Roman wrote: > > Hi, > > > > with this pf.conf and PROPERLY set up inetd I am not able to use ftp-proxy... > > it simply doesnt work and I am pretty sure it worked before. I see this on > > RELENG_5 and on -CURRENT too... If I am doing anything wrong pls tell me > > > > pf.conf: > > > > ext_if="vr0" > > int_if="xl0" > > > > #normalize packets > > scrub in all > > > > altq on $ext_if bandwidth 256Kb cbq queue {ssh_i web other} > > queue ssh_i bandwidth 25% cbq(borrow ecn) > > queue web bandwidth 25% cbq(borrow ecn) > > queue other bandwidth 50% cbq(borrow default ecn) > > > > #ftp redirection > > rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021 > > #nat > > nat on $ext_if from $int_if:network to any -> ($ext_if) > > > > #rules > > #default to block all > > block in on $ext_if all > > #pass all out while keeping state. and queue it > > pass out on $ext_if from any to any keep state queue other > > #queuing > > pass on $ext_if proto tcp from any to any port ssh keep state queue(ssh_i, other) > > pass out on $ext_if proto tcp from any to any port http keep state queue web > > #ftp proxy > > pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state queue other > > #allow icmp > > pass in on $ext_if inet proto icmp from any to any > > > > _______________________________________________ > > freebsd-current@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-current > > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"