From owner-freebsd-pf@FreeBSD.ORG  Thu Jun  8 14:00:18 2006
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A1D0016C0FF
	for <freebsd-pf@freebsd.org>; Thu,  8 Jun 2006 11:44:51 +0000 (UTC)
	(envelope-from dimas@dataart.com)
Received: from relay1.dataart.com (fobos.marketsite.ru [62.152.84.30])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 27DB243D49
	for <freebsd-pf@freebsd.org>; Thu,  8 Jun 2006 11:44:50 +0000 (GMT)
	(envelope-from dimas@dataart.com)
Received: from e1.universe.dart.spb ([192.168.10.44])
	by relay1.dataart.com with esmtp (Exim 4.62)
	(envelope-from <dimas@dataart.com>) id 1FoIwT-0001iF-7b
	for freebsd-pf@freebsd.org; Thu, 08 Jun 2006 15:44:49 +0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Thu, 8 Jun 2006 15:42:47 +0400
Message-ID: <D5972F49810A69449A9EA72A4B360DC2D0A22C@e1.universe.dart.spb>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Rules in anchor
Thread-Index: AcaK8PJajLZJqVffSl2/vynP4wqdQw==
From: "Dmitry Andrianov" <dimas@dataart.com>
To: <freebsd-pf@freebsd.org>
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Rules in anchor
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Jun 2006 14:00:19 -0000

Hi.
I just installed ftpsesame ( http://www.sentia.org/projects/ftpsesame/ )
It watches FTP control connections for PORS/PASV commands and creates
rules to allow corresponding data connections.=20
=20
I start long file transfer, ftpsesame console output says it is allowing
incoming connection to my machine, transfer really starts but pfctl does
not show any rules in the corresponding anchor. Or I'm using it
improperly...
=20
root@host <mailto:root@host> # pfctl -s Anchors          =20
  ftpsesame
root@host <mailto:root@spb-gw1> # pfctl -a ftpsesame -s rules
root@host <mailto:root@spb-gw1> #=20
=20
>From the other hand I know for sure the rule is really created because
otherwise FTP active mode would not work. (And yes, if I stop ftpsesame,
active mode stops working). So either it is some kind of bug in pf/pfctl
or I am missing something...
=20
Regards,
Dmitry Andrianov
=20
PS: FreeBSD 6.0-RELEASE #0