Date: Sat, 23 Oct 2004 12:10:47 +1300 From: "Marcos Biscaysaqu - ThePacific.net" <marcos@ThePacific.Net> To: freebsd-current@freebsd.org Subject: Re: ftp-proxy, PF not working with FTP traffic Message-ID: <41799377.9020301@ThePacific.Net> In-Reply-To: <41798D8C.9080803@ThePacific.Net> References: <20041022073733.B412468834@gunfright.epcdirect.co.uk> <41798D8C.9080803@ThePacific.Net>
next in thread | previous in thread | raw e-mail | index | archive | help
Marcos Biscaysaqu - ThePacific.net wrote:
> Lawrence Farr wrote:
>
>>> somebody know how fix this, or if it another option to make work ftp
>>> clients no PF?
>>>
>>> thanks
>>> Marcos
>>>
>>
>>
>> In inetd.conf I'm using:
>>
>> ftp-proxy stream tcp nowait root /usr/libexec/ftp-proxy
>> ftp-proxy -a 1.2.3.4 -m 55000 -M 57000 -t 180
>>
>> Where 1.2.3.4 is my external IP
>>
>> And my PF rule is:
>>
>> pass quick proto tcp from <inets> to any port { ftp, ftp-data, > 49151 }
>>
>> Where <inets> is my internal network range.
>>
>> _______________________________________________
>> freebsd-current@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-current
>> To unsubscribe, send any mail to
>> "freebsd-current-unsubscribe@freebsd.org"
>>
>>
>>
>>
> Hi there,
>
> are you missing the redirection? "rdr on $int_if proto tcp from any
> to any port 21 -> 127.0.0.1 port 8021", anyway I tried this and still
> doesn't work, the problem it is some ftp clients are waiting the data
> connection from the IP of the ftp server, but the data it is coming
> back from my external ip number which make the ftp client drop the
> connections..
> Only work for ftp clients who accept data from a different ip
> number than the control ftp connection which it is very wrong. try
> with NCFTP as client with "passive mode of"
>
> thanks
> Marcos
>
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41799377.9020301>