From owner-freebsd-pf@FreeBSD.ORG  Sun Oct  5 15:00:59 2008
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 53C7310656A1
	for <freebsd-pf@freebsd.org>; Sun,  5 Oct 2008 15:00:59 +0000 (UTC)
	(envelope-from david.marec@davenulle.org)
Received: from smtp.lamaiziere.net (net.lamaiziere.net [91.121.44.19])
	by mx1.freebsd.org (Postfix) with ESMTP id 186648FC23
	for <freebsd-pf@freebsd.org>; Sun,  5 Oct 2008 15:00:58 +0000 (UTC)
	(envelope-from david.marec@davenulle.org)
Received: from david.dmarec.homeunix.net (84.215.194-77.rev.gaoland.net
	[77.194.215.84])
	by smtp.lamaiziere.net (Postfix) with ESMTPA id B05BA63366E
	for <freebsd-pf@freebsd.org>; Sun,  5 Oct 2008 16:42:46 +0200 (CEST)
From: David Marec <david.marec@davenulle.org>
Organization: LaMienne
To: freebsd-pf@freebsd.org
Date: Sun, 5 Oct 2008 16:42:45 +0200
User-Agent: KMail/1.9.10
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200810051642.45864.david.marec@davenulle.org>
Subject: Pf, ftp-proxy and proftp running into a jail
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Oct 2008 15:00:59 -0000

hi,

I am trying to get protftp running into a jail, avalaible from outside the 
host.

First, i wrote rules to redirect ftp traffic from ext_if to the jail and to 
nat jailled traffic to ext_if.
After login, the data connection keeps being closed in passive mode; the 
active mode is running well.

then, i tried to use ftp-proxy, by adding the following entries into rc.conf:
 ftpproxy_enable="yes"
 ftpproxy_flags="-vv -R ftp.server.address -p 21 -b ext.if"

and followed the tutorial i found on the openbsd website:
http://www.openbsd.org/faq/pf/ftp.html

But, i can't even connect to the ftp server.

What is the right way to use ftp-proxy ?

The pf.conf file could be loaded from here:
http://user.lamaiziere.net/david/pf/pf.conf
-- 
http://www.freebsd.org/fr/			http://www.arcadehits.net/
http://www.diablotins.org/