Date: Sat, 4 Oct 2008 12:24:09 +0200 From: "Redd Vinylene" <reddvinylene@gmail.com> To: "Max Laier" <max@love2party.net> Cc: jail@freebsd.org, questions@freebsd.org, pf@freebsd.org Subject: Re: Jail, pf and ftpd: Connection refused Message-ID: <f1019d520810040324o586ce24bi8f43a3a0ec4f716d@mail.gmail.com> In-Reply-To: <200810031156.07623.max@love2party.net> References: <f1019d520810030211u29325345r2e389718ba987892@mail.gmail.com> <200810031156.07623.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 3, 2008 at 11:56 AM, Max Laier <max@love2party.net> wrote: > > See ftp-proxy(8). > > Note that active works with the ruleset you provided (due to the "pass out > keep state"-rule), but there is obviously a firewall problem on the client > preventing that. > Are you sure I need ftp-proxy? I opened the datarange 49152:65535 and now I no longer get a connection refused. I seem to be able to list, download, you know the usual stuff. I still get the "getpeername(control_sock): Transport endpoint is not connected" though. If I do need ftp-proxy, I take it it's the "FTP Server Protected by an External PF Firewall Running NAT" at http://www.openbsd.org/faq/pf/ftp.html that applies to my setup? I can't quite comprehend the nat/rdr rules in that example, as I ain't really got an int_if. As I stated earlier, I have a FreeBSD server running pf and two jails, and I'm trying to get ftpd running smoothly inside one of those jails. Thank you so much. -- http://www.home.no/reddvinylene
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f1019d520810040324o586ce24bi8f43a3a0ec4f716d>