Date: Tue, 4 Feb 1997 09:02:32 -0600 (CST) From: Mark Tinguely <tinguely@plains.nodak.edu> To: chris@mail.bb.cc.wa.us Cc: hackers@FreeBSD.org Subject: Re: IPFILTER Message-ID: <199702041502.JAA12296@plains.nodak.edu>
next in thread | raw e-mail | index | archive | help
I used the ftp proxy that comes with the FireWall Tool Kit (FWTK). The FWTK's ftp proxy does not allow for local ftp connections, so I placed the proxy at port 1026 and left the standard ftpd at port 21. I added to /etc/services: ftp-gw 1026/tcp #File Transfer [Control] ftp-gw 1026/udp #File Transfer [Control] I changed the NAT rules to: # file known as /etc/nat_rule # map ppp0 10.1.0.0/24 -> XXXXXXXX/32 portmap tcpudp 1027:20000 # # Redirection is triggered for input packets. # For example, to redirect FTP connections through this box, to the local ftp # port, forcing them to connect through a proxy, you would use: # rdr ed0 0.0.0.0/0 port ftp -> 127.0.0.1 port 1026 in this way, I can ftp to the NAT machine from the internet all the time and from the hidden net whenever NAT is not active. to get the FWTK: echo "send" | mail fwtk-request@tis.com this will respond with a time sensitive ftp directory from which you can download the software. --mark.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702041502.JAA12296>