Date: Fri, 2 Feb 2001 13:56:37 +0100 From: "Schmalzbauer, Harald" <H.Schmalzbauer@belenus.com> To: freebsd-stable@FreeBSD.ORG Subject: AW: IPFilter 3.4.16? ftp-proxy and bimap broken on 3.4.8? Message-ID: <B14AF62CDA08D4118B8C00508B44A0B5154F3C@server02.belenus.com>
next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, there is a problem with ftp-proxy in IPF versions prior to 3.4.14. I hope that the newer version will get as soon as possible to -stable. 1. Do a make freebsd4, make install-bsd Take care that you don't have two different versions of the binaries. I can remember that the install-bsd puts some of them in different directories and doesn't override all the FreeBSD standard files. 2. In FreeBSD-4.0/ copy the IPv6-pathc-4.1 to IPv6-patch-4.2 (I haven't tried 3.4.16 yet, but you had to do so for 3.4.14) Also for 3.4.14 you have to edit ip_log.c and ip_compat.c. Find "osreldate.h" (once per file) and change it to "sys/osreldate.h" Then run kinstall. This should work but as mentioned I haven't tried 3.4.16 yet but I think Darren didn't change anything since 3.4.14 considering FreeBSD-install. - -Harry belenus GmbH Harald Schmalzbauer Sys/Net Admin Tel: +49 (89) 21979-120 Fax: +49 (89) 21979-111 www.belenus.com > -----Ursprüngliche Nachricht----- > Von: Thomas T. Veldhouse [mailto:veldy@veldy.net] > Gesendet: Freitag, 2. Februar 2001 07:26 > An: freebsd-stable@FreeBSD.ORG > Betreff: IPFilter 3.4.16? ftp-proxy and bimap broken on 3.4.8? > > > Can anybody lead me to a method of installing ipfilter 3.4.16 > onto a FreeBSD > 4.2-STABLE (02012000) machine? I am having trouble with > 3.4.8 that comes > standard with FreeBSD. It seems that the ftp-data port is > not properly > handled during ftp proxy and bimap does not seem to work > either. It seems > to translate outgoing packets OK, but incoming packets > (setup) do not ever > reach the internal machines. The ftp-proxy seems to fail no > matter whether > I run nat using bimap or map the entire address range to one > IP address. > > Here are the options I am using in /etc/ipnat.rules: > > -- > # allow transparent proxy of ftp > map dc1 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp > > # run nat for our internal network > #map dc1 192.168.0.0/24 -> 0/32 portmap tcp/udp 30000:50000 > bimap dc1 192.168.0.1/32 -> xx.xx.xx.xx/32 > bimap dc1 192.168.0.2/32 -> yy.yy.yy.yy/32 > bimap dc1 192.168.0.4/32 -> zz.zz.zz.zz/32 > -- > > Thanks in advance, > > Tom Veldhouse > veldy@veldy.net > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.2 iQA/AwUBOnqgdlXEptsBus8cEQITMACfY6TimOpoOT+FoiJOa8rjcPRx300An3JS rFE91lxUWACTWjnMdmD1Y29j =Ea+0 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B14AF62CDA08D4118B8C00508B44A0B5154F3C>