From owner-freebsd-stable@FreeBSD.ORG Fri Nov 21 13:03:53 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B52401065679 for ; Fri, 21 Nov 2008 13:03:53 +0000 (UTC) (envelope-from admin@kkip.pl) Received: from mainframe.kkip.pl (kkip.pl [87.105.164.78]) by mx1.freebsd.org (Postfix) with ESMTP id 67A3F8FC17 for ; Fri, 21 Nov 2008 13:03:53 +0000 (UTC) (envelope-from admin@kkip.pl) Received: from admin.admin.lan.kkip.pl ([10.66.3.254]) by mainframe.kkip.pl with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1L3Vfq-000NQo-JR; Fri, 21 Nov 2008 14:03:52 +0100 Message-ID: <4926B1B8.8000707@kkip.pl> Date: Fri, 21 Nov 2008 14:03:52 +0100 From: Bartosz Stec User-Agent: Thunderbird 2.0.0.18 (Windows/20081105) MIME-Version: 1.0 To: sclark46@earthlink.net References: <4926B03E.6020108@earthlink.net> In-Reply-To: <4926B03E.6020108@earthlink.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Authenticated-User: admin@kkip.pl X-Authenticator: plain X-Sender-Verify: SUCCEEDED (sender exists & accepts mail) X-Spam-Score: -8.9 X-Spam-Score-Int: -88 X-Exim-Version: 4.69 (build at 01-Nov-2008 10:39:57) X-Date: 2008-11-21 14:03:52 X-Connected-IP: 10.66.3.254:3107 X-Message-Linecount: 43 X-Body-Linecount: 29 X-Message-Size: 1218 X-Body-Size: 664 X-Received-Count: 1 X-Recipient-Count: 2 X-Local-Recipient-Count: 2 X-Local-Recipient-Defer-Count: 0 X-Local-Recipient-Fail-Count: 0 Cc: FreeBSD Stable Subject: Re: support for natted ftp server and passive mode X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Nov 2008 13:03:53 -0000 Stephen Clark pisze: > Do any of the firewall products on FreeBSD provide support > for a natted ftp server sitting behind the FreeBSD FW. > > Without having the ftp server advertise the external address > in its passive mode packet, in other words have the firewall > product look inside the packet and change the internal address > in the data portion of the packet to the external address. > > Thanks, > Steve > pf + ftp-proxy http://www.openbsd.org/cgi-bin/man.cgi?query=ftp-proxy&sektion=8&manpath=OpenBSD+4.4 -- Bartosz Stec AUXILIA Spółka z o.o. ul. Wałbrzyska 43/2 52-314 Wrocław tel. (71) 79 99 760 w. 69 GSM: 662171775 E-Mail: admin@kkip.pl