Date:      Wed, 18 May 2005 10:01:02 -0500
From:      Matthew Grooms <mgrooms@seton.org>
To:        freebsd-pf@freebsd.org
Subject:   ftp-proxy question
Message-ID:  <428B58AE.9000807@seton.org>

I am having problems passing passive ftp traffic via ftp-proxy. Active
connections work fine. I tried using the -n flag, but the control connection
doesn't translate the server address so the client attempts to make the
control channel connection itself. Unfortunately I can't open up blanket
access outbound for whatever random port the ftp server chooses. Does
ftp-proxy only handle active connections?

Here are the rules from pf.conf ...

rdr on $if_int proto tcp from any to any port 21 -> lo0 port 8021
pass in quick log on $if_int proto tcp from any to lo0 port 8021 keep state
pass in quick log on $if_ext proto tcp from any to $if_ext port > 49152 keep state

And here is my entry in inetd.conf ....

ftp-proxy       stream  tcp     nowait  root    /usr/libexec/ftp-proxy ftp-proxy -V -D 3

BTW: I haven't seen a single entry in /var/log/messages even with the
-D and -V options specified. Did I not specify this correctly or is
ftp-proxy just broken in that regard?

Thanks in advance,
-Matthew


