Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 7 Sep 2004 09:57:58 +0200
From:      Divacky Roman <xdivac02@stud.fit.vutbr.cz>
To:        current@freebsd.org
Subject:   Re: ftp-proxy@pf not working on recent current and/or RELENG_5
Message-ID:  <20040907075758.GA19752@stud.fit.vutbr.cz>
In-Reply-To: <20040906132813.GA53245@stud.fit.vutbr.cz>
References:  <20040906132813.GA53245@stud.fit.vutbr.cz>
next in thread | previous in thread | raw e-mail | index | archive | help 
seems like inetd doesnt even try to run ftp-proxy 

ie. when I issue ftp on nated machine and see what inetd is doing it in S state
(ie. sleeping for more than 20 seconds)

On Mon, Sep 06, 2004 at 03:28:13PM +0200, Divacky Roman wrote:
> Hi,
> 
> with this pf.conf and PROPERLY set up inetd I am not able to use ftp-proxy...
> it simply doesnt work and I am pretty sure it worked before. I see this on
> RELENG_5 and on -CURRENT too... If I am doing anything wrong pls tell me
> 
> pf.conf:
> 
> ext_if="vr0"
> int_if="xl0"
> 
> #normalize packets
> scrub in all
> 
> altq on $ext_if bandwidth 256Kb cbq queue {ssh_i web other} 
> queue ssh_i bandwidth 25% cbq(borrow ecn)
> queue web bandwidth 25% cbq(borrow ecn)
> queue other bandwidth 50% cbq(borrow default ecn)
> 
> #ftp redirection
> rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
> #nat
> nat on $ext_if from $int_if:network to any -> ($ext_if)
> 
> #rules
> #default to block all
> block in on $ext_if all
> #pass all out while keeping state. and queue it
> pass out on $ext_if from any to any keep state queue other
> #queuing
> pass on $ext_if proto tcp from any to any port ssh keep state queue(ssh_i, other)
> pass out on $ext_if proto tcp from any to any port http keep state queue web
> #ftp proxy
> pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state queue other
> #allow icmp
> pass in on $ext_if inet proto icmp from any to any
> 
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040907075758.GA19752>