Date: Tue, 22 Feb 2005 08:03:55 +0100 From: Hexren <me@hexren.net> To: "Giovanni P. Tirloni" <gpt@tirloni.org> Cc: pf@freebsd.org Subject: Re[2]: rdr for ftp-proxy doesn't work Message-ID: <1761371051.20050222080355@hexren.net> In-Reply-To: <421AA724.4030807@tirloni.org> References: <421A3053.4050904@tirloni.org> <421AA011.3020208@tirloni.org> <421AA724.4030807@tirloni.org>
next in thread | previous in thread | raw e-mail | index | archive | help
GPT> Giovanni P. Tirloni wrote: >> Nick Buraglio wrote: >> >>> Try adding: >>> >>> pass in from any to any >>> pass out from any to any >>> >>> to the rules section. I believe you have to tell it to actually >>> handle the traffic. >> >> >> I tried that but it didn't help. Then I tried changing 127.0.0.1 by >> another external IP that I knew it had a ftp server running: all packets >> were redirected and I could login. >> >> There seems to be something locking the redirection to 127.0.0.1 and/or >> the internal interface address. GPT> My temporary fix was to use ipfw and ports/ftp/frox but I'd like to GPT> help to investigate this situation. I've tried to enable transparent ftp GPT> proxy with pf and ftp-proxy on another 5.3-STABLE and it didn't work GPT> also. No packet gets redirect to loopback but it redirects for anything GPT> outside. GPT> -- GPT> Giovanni P. Tirloni GPT> _______________________________________________ GPT> freebsd-pf@freebsd.org mailing list GPT> http://lists.freebsd.org/mailman/listinfo/freebsd-pf GPT> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" --------------------------------------------- I would guess that it would be wiser to use not the loopback address but a "normal" address of the proxy you want to use in the redirection. Only a guess. Hexren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1761371051.20050222080355>