Message-ID: <421AA724.4030807@tirloni.org>
Date: Tue, 22 Feb 2005 00:29:40 -0300
From: "Giovanni P. Tirloni"
To: pf@freebsd.org
References: <421A3053.4050904@tirloni.org> <421AA011.3020208@tirloni.org>
In-Reply-To: <421AA011.3020208@tirloni.org>
Subject: Re: rdr for ftp-proxy doesn't work

Giovanni P. Tirloni wrote:
> Nick Buraglio wrote:
>
>> Try adding:
>>
>> pass in from any to any
>> pass out from any to any
>>
>> to the rules section. I believe you have to tell it to actually
>> handle the traffic.
>
>
> I tried that but it didn't help. Then I tried changing 127.0.0.1 to
> another external IP that I knew had an ftp server running: all packets
> were redirected and I could log in.
>
> There seems to be something locking the redirection to 127.0.0.1 and/or
> the internal interface address.

My temporary fix was to use ipfw and ports/ftp/frox, but I'd like to help investigate this situation.

I've tried to enable transparent ftp proxy with pf and ftp-proxy on another 5.3-STABLE and it didn't work either. No packet gets redirected to loopback, but it redirects for anything outside.

--
Giovanni P. Tirloni