Date:      Sat, 11 Oct 2008 18:46:58 -0700
From:      "Michael K. Smith" <mksmith@adhost.com>
To:        <pf@freebsd.org>
Subject:   Passive FTP Issues
Message-ID:  <C516A522.1DE31%mksmith@adhost.com>

Hello All:

We are having issues with a "standard" configuration and getting passive ftp
to work.  Here are our present rules related to one server $liv_ftp_int/ext

nat on $vlan2_if from $liv_ftp_int to any -> $liv_ftp_ext
rdr pass on ! $vlan924_if proto tcp from any to $liv_ftp_ext port { ftp, 990, 49152:65535 } -> $liv_ftp_int
pass in quick on $vlan2_if proto tcp from any to <ftp_servers> port { ftp, 49152:65535 } keep state flags S/SA

When we put a "block in log on $vlan2_if" rule before everything else, ftp
breaks.  When we move the block rule to the end of the pass rules, it works
like a champ.

Am I missing something obvious?  Any help would be greatly appreciated.
This is 6.3 Release 1.

Regards,

Mike



