From owner-freebsd-stable Thu Feb 1 22:27:21 2001 Delivered-To: freebsd-stable@freebsd.org Received: from veldy.net (w028.z064001117.msp-mn.dsl.cnc.net [64.1.117.28]) by hub.freebsd.org (Postfix) with ESMTP id B931637B4EC for ; Thu, 1 Feb 2001 22:27:04 -0800 (PST) Received: from cascade (cascade.veldy.net [192.168.0.1]) by veldy.net (Postfix) with SMTP id C5C368C5A for ; Fri, 2 Feb 2001 00:26:39 -0600 (CST) Message-ID: <000f01c08ce0$ff8abfe0$0100a8c0@cascade> From: "Thomas T. Veldhouse" To: Subject: IPFilter 3.4.16? ftp-proxy and bimap broken on 3.4.8? Date: Fri, 2 Feb 2001 00:25:55 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Can anybody lead me to a method of installing ipfilter 3.4.16 onto a FreeBSD 4.2-STABLE (02012000) machine? I am having trouble with 3.4.8 that comes standard with FreeBSD. It seems that the ftp-data port is not properly handled during ftp proxy and bimap does not seem to work either. It seems to translate outgoing packets OK, but incoming packets (setup) do not ever reach the internal machines. The ftp-proxy seems to fail no matter whether I run nat using bimap or map the entire address range to one IP address. Here are the options I am using in /etc/ipnat.rules: -- # allow transparent proxy of ftp map dc1 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp # run nat for our internal network #map dc1 192.168.0.0/24 -> 0/32 portmap tcp/udp 30000:50000 bimap dc1 192.168.0.1/32 -> xx.xx.xx.xx/32 bimap dc1 192.168.0.2/32 -> yy.yy.yy.yy/32 bimap dc1 192.168.0.4/32 -> zz.zz.zz.zz/32 -- Thanks in advance, Tom Veldhouse veldy@veldy.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message