Date: Sun, 14 Mar 2010 09:40:53 +0100 From: Christer Solskogen <christer.solskogen@gmail.com> To: freebsd-jail@freebsd.org Subject: ftp-proxy on jails on lo1 Message-ID: <c1a0d1561003140040s48795c2dq74ebe276dd736adc@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I've been setting up my jails on a cloned interface called lo1
(127.0.1.0/24) - and it seems jails are having bit of a problem using
ftp in passive mode even when I think I've set things up correctly.
The only jail that is not on lo1 (192.168.0.4) is not having any
issues connecting to a ftp server.
pf.conf::
int_if="em0"
jif="lo1"
db1="127.0.1.1"
web="127.0.1.2"
proxy="127.0.1.3"
imap="127.0.1.6"
tomcat="127.0.1.8"
ns="192.168.0.4"
postgres="127.0.1.9"
nat on $int_if from $jif:network to any -> ($int_if)
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr pass proto tcp from any to any port 21 -> 127.0.0.1 port 8021
#redirects to jails
rdr pass on $int_if proto tcp from any to any port 8180 -> $tomcat
rdr pass on { $int_if, lo0 } proto tcp from any to any port { 80, 443,
993 } -> $proxy
rdr pass on $int_if proto { tcp, udp } from any to ($int_if) port domain -> $ns
rdr pass on $int_if proto tcp from any to ($int_if) port 5432 -> $postgres
anchor "ftp-proxy/*"
pass all keep state
and ftp-proxy is really running:
shine# sockstat -4 | grep ftp
proxy ftp-proxy 94980 3 tcp4 127.0.0.1:8021 *:*
Any clues?
--
chs,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c1a0d1561003140040s48795c2dq74ebe276dd736adc>