From owner-freebsd-current@FreeBSD.ORG Fri Oct 22 23:16:18 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B437316A534 for ; Fri, 22 Oct 2004 23:16:18 +0000 (GMT) Received: from sage.ts.co.nz (sage.tasman.net [202.49.92.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 019BA43D5D for ; Fri, 22 Oct 2004 23:16:18 +0000 (GMT) (envelope-from marcos@ThePacific.Net) Received: from sage.ts.co.nz ([172.16.21.1]) by sage.ts.co.nz (8.12.11/8.12.10) with ESMTP id i9MNGG35021707 for ; Sat, 23 Oct 2004 12:16:16 +1300 Received: from [172.16.20.10] (gateway-nelson.thepacific.net [202.49.95.33]) by sage.ts.co.nz (8.12.11/8.12.10) with ESMTP id i9MNDQMR021103 for ; Sat, 23 Oct 2004 12:13:26 +1300 Message-ID: <41799377.9020301@ThePacific.Net> Date: Sat, 23 Oct 2004 12:10:47 +1300 From: "Marcos Biscaysaqu - ThePacific.net" User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040910) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-current@freebsd.org References: <20041022073733.B412468834@gunfright.epcdirect.co.uk> <41798D8C.9080803@ThePacific.Net> In-Reply-To: <41798D8C.9080803@ThePacific.Net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: ftp-proxy, PF not working with FTP traffic X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Oct 2004 23:16:18 -0000 Marcos Biscaysaqu - ThePacific.net wrote: > Lawrence Farr wrote: > >>> somebody know how fix this, or if it another option to make work ftp >>> clients no PF? >>> >>> thanks >>> Marcos >>> >> >> >> In inetd.conf I'm using: >> >> ftp-proxy stream tcp nowait root /usr/libexec/ftp-proxy >> ftp-proxy -a 1.2.3.4 -m 55000 -M 57000 -t 180 >> >> Where 1.2.3.4 is my external IP >> >> And my PF rule is: >> >> pass quick proto tcp from to any port { ftp, ftp-data, > 49151 } >> >> Where is my internal network range. >> >> _______________________________________________ >> freebsd-current@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-current >> To unsubscribe, send any mail to >> "freebsd-current-unsubscribe@freebsd.org" >> >> >> >> > Hi there, > > are you missing the redirection? "rdr on $int_if proto tcp from any > to any port 21 -> 127.0.0.1 port 8021", anyway I tried this and still > doesn't work, the problem it is some ftp clients are waiting the data > connection from the IP of the ftp server, but the data it is coming > back from my external ip number which make the ftp client drop the > connections.. > Only work for ftp clients who accept data from a different ip > number than the control ftp connection which it is very wrong. try > with NCFTP as client with "passive mode of" > > thanks > Marcos > > >