From owner-freebsd-current@FreeBSD.ORG Wed Nov 24 19:30:59 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C413E16A4CE for ; Wed, 24 Nov 2004 19:30:59 +0000 (GMT) Received: from sage.ts.co.nz (sage.tasman.net [202.49.92.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id F1C4543D48 for ; Wed, 24 Nov 2004 19:30:58 +0000 (GMT) (envelope-from marcos@ThePacific.Net) Received: from sage.ts.co.nz ([172.16.21.1]) by sage.ts.co.nz (8.12.11/8.12.10) with ESMTP id iAOJUvSZ019480 for ; Thu, 25 Nov 2004 08:30:57 +1300 Received: from [172.16.20.10] (203-86-192-98.tasman.net [203.86.192.98]) by sage.ts.co.nz (8.12.11/8.12.10) with ESMTP id iAOJU322018374 for ; Thu, 25 Nov 2004 08:30:03 +1300 Message-ID: <41A597C2.7070005@ThePacific.Net> Date: Thu, 25 Nov 2004 08:28:50 +0000 From: "Marcos Biscaysaqu - ThePacific.net" User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040910) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-current@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: PF, FTP problems fixed X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Nov 2004 19:30:59 -0000 Hi there. somebody know how to make this work on freebsd??? ---------------------------------------------------------------------------- Ok, bleeding edge pf people... I wrote a new FTP proxy called "pftpx" and I'd like to solicit some feedback from the community... Why should you try it? What advantages does pftpx offer? 1) it handles all ftp modes: PORT, PASV, EPRT, EPSV 2) it handles ipv6 3) it should scale: one process handles all sessions using libevent 4) it works with "strict" ftp clients (clients that want data connections to the same IP as the control connection) Quick guide: - you need libevent-0.8 (OpenBSD 3.6 has it) - download http://www.sentia.org/downloads/pftpx-0.3.tar.gz - untar, make - add this to pf.conf in the nat section: nat-anchor "pftpx/*" rdr-anchor "pftpx/*" rdr pass on $if proto tcp from any to any port 21 -> 127.0.0.1 port 8021 - add this to pf.conf in the rule section: anchor "pftpx/*" - run the proxy in debug mode: sudo pftpx -d -D7 - ready to go... Sorry, no manpage yet, this is bleeding edge after all. Don't run this in production if your job depends on it. :-) All feedback welcome, also if you want to suggest a better name. :-) Regards, Cam