Date: Mon, 21 Feb 2005 16:02:43 -0300
From: "Giovanni P. Tirloni" <gpt@tirloni.org>
To: pf@freebsd.org
Subject: rdr for ftp-proxy doesn't work
Message-ID: <421A3053.4050904@tirloni.org>
Hi,
I've a pf.conf without any filter rules, only this one and nat:
rdr on sk0 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021
And ftp-proxy is listening through inetd on that port:
sockstat -4l:
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root inetd 5470 4 tcp4 *:8021 *:*
inetd.conf:
ftp-proxy stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy -n
pfctl -s nat -v:
rdr on sk0 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021
[ Evaluations: 28723 Packets: 2 Bytes: 96 States: 1 ]
uname:
FreeBSD 5.3-STABLE #0: Fri Feb 18 07:24:35 BRST 2005
When I run tcpdump on sk0 (internal interface) I see the host trying
to connect to port 21 (syn) but no packets go to the loopback interface
or any other place.
If I remove the rdr rule the client connects and authenticates but is
unable to start an active connection, of course.
Any idea about what is causing this? Strange enough I've the same set of
rules on another 6 machines and it works. The
Thanks in advance,
--
Giovanni P. Tirloni
