From owner-freebsd-current@FreeBSD.ORG Wed Nov 24 21:15:33 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 84CD916A4CE for ; Wed, 24 Nov 2004 21:15:33 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id D12F343D39 for ; Wed, 24 Nov 2004 21:15:32 +0000 (GMT) (envelope-from max@love2party.net) Received: from [212.227.126.160] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1CX4U6-0000kI-00; Wed, 24 Nov 2004 22:15:30 +0100 Received: from [84.128.135.252] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1CX4U6-0000qa-00; Wed, 24 Nov 2004 22:15:31 +0100 From: Max Laier To: freebsd-current@freebsd.org Date: Wed, 24 Nov 2004 22:15:52 +0100 User-Agent: KMail/1.7.1 References: <41A597C2.7070005@ThePacific.Net> In-Reply-To: <41A597C2.7070005@ThePacific.Net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1601960.ZaoofOrBhB"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200411242216.00848.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:61c499deaeeba3ba5be80f48ecc83056 cc: "Marcos Biscaysaqu - ThePacific.net" Subject: Re: PF, FTP problems fixed X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Nov 2004 21:15:33 -0000 --nextPart1601960.ZaoofOrBhB Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline [Please fix your systemtime or timezone] On Thursday 25 November 2004 09:28, Marcos Biscaysaqu - ThePacific.net wrot= e: > Hi there. > somebody know how to make this work on freebsd??? > -------------------------------------------------------------------------= =2D- > > Ok, bleeding edge pf people... I wrote a new FTP proxy called "pftpx" and > I'd like to solicit some feedback from the community... > > Why should you try it? What advantages does pftpx offer? > 1) it handles all ftp modes: PORT, PASV, EPRT, EPSV > 2) it handles ipv6 > 3) it should scale: one process handles all sessions using libevent > 4) it works with "strict" ftp clients (clients that want data connections > to the same IP as the control connection) > > > Quick guide: > - you need libevent-0.8 (OpenBSD 3.6 has it) Libevent is in ports (devel/libevent - version 0.9). > - download http://www.sentia.org/downloads/pftpx-0.3.tar.gz > - untar, make > - add this to pf.conf in the nat section: > > nat-anchor "pftpx/*" > rdr-anchor "pftpx/*" That looks not so good. ".../*" anchors are a 3.6 thing, while FreeBSD is=20 en-par with 3.5. From a first look and common sense, I don't think it's a=20 requirement, but you might have to change some code to make it work. > rdr pass on $if proto tcp from any to any port 21 -> 127.0.0.1 port 8021 > > - add this to pf.conf in the rule section: > > anchor "pftpx/*" Same here. > - run the proxy in debug mode: sudo pftpx -d -D7 > - ready to go... > > Sorry, no manpage yet, this is bleeding edge after all. Don't run this in > production if your job depends on it. :-) > > All feedback welcome, also if you want to suggest a better name. :-) I'd be more than happy to see this ported, looks useful! =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart1601960.ZaoofOrBhB Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBpPoQXyyEoT62BG0RAqdFAJ9AVAxXiP749U/pKeO36k7FmhBLWgCfZxmp fSMZHil6lZQoVFcj6xS4ycU= =gfIy -----END PGP SIGNATURE----- --nextPart1601960.ZaoofOrBhB--