From owner-freebsd-stable@FreeBSD.ORG  Tue Mar 28 17:21:39 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@FreeBSD.org
Delivered-To: freebsd-stable@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 424C316A456
	for <freebsd-stable@FreeBSD.org>; Tue, 28 Mar 2006 17:21:39 +0000 (UTC)
	(envelope-from rbgarga@gmail.com)
Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.197])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8E66E4430A
	for <freebsd-stable@FreeBSD.org>; Tue, 28 Mar 2006 16:22:05 +0000 (GMT)
	(envelope-from rbgarga@gmail.com)
Received: by zproxy.gmail.com with SMTP id x3so1562462nzd
	for <freebsd-stable@FreeBSD.org>; Tue, 28 Mar 2006 08:22:04 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
	b=SY44pz5hJf/pAMdJ8vlBxzoT3xpPaZBoBPeo0TFabBtpkA+37c0sxx/CJTt3sOeWbbpgYH/ep9Rg/jyFjNpLKxvQc3U7R1DFk4z6+GI60vkBThIIjqX//QHNIGx2wI2LC19wYm7u0DLxk+6qwxgKDxOsiSVP7IzJ2R8r5haTKZ4=
Received: by 10.36.42.15 with SMTP id p15mr838182nzp;
	Tue, 28 Mar 2006 08:22:04 -0800 (PST)
Received: by 10.37.14.22 with HTTP; Tue, 28 Mar 2006 08:22:04 -0800 (PST)
Message-ID: <747dc8f30603280822g1a2996b8l3027fe3f1e9589ae@mail.gmail.com>
Date: Tue, 28 Mar 2006 13:22:04 -0300
From: "Renato Botelho" <rbgarga@gmail.com>
To: freebsd-stable@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Cc: 
Subject: Problems with pf + ftp-proxy on gateway
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Mar 2006 17:21:39 -0000

I'm trying to use pf + ftp-proxy n a 6.1-PRERELEASE machine.

I have this line on inetd.conf:

ftp-proxy      stream  tcp     nowait  root    /usr/libexec/ftp-proxy=20
ftp-proxy -n

And this lines on pf.conf:

rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port ftp-pro=
xy
pass in quick on $ext_if inet proto tcp from any port ftp-data to
$ext_if:0 user proxy flags S/SA keep state

When one machine inside my network (e.g. 192.168.x.x) connects to an
external ftp server (e.g. ftp.FreeBSD.org), data connection doesn't
work.

Connection comes to my firewall and is accepted but connection is not
established and stay like this here:

self tcp 200.x.x.x:57625 <- 200.x.x.x:20       ESTABLISHED:FIN_WAIT_2

Any kind of help will be appreciate

thanks
--
Renato Botelho