From owner-freebsd-current@FreeBSD.ORG Wed May 16 18:39:09 2007 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2105816A414 for ; Wed, 16 May 2007 18:39:09 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id D0FEF13C45B for ; Wed, 16 May 2007 18:39:08 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (localhost [127.0.0.1]) by spam.des.no (Postfix) with ESMTP id 18C4220A7; Wed, 16 May 2007 20:39:05 +0200 (CEST) X-Spam-Tests: AWL X-Spam-Learn: disabled X-Spam-Score: 0.0/3.0 X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on tim.des.no Received: from dwp.des.no (des.no [80.203.243.180]) by smtp.des.no (Postfix) with ESMTP id 8DBAC2088; Wed, 16 May 2007 20:39:04 +0200 (CEST) Received: by dwp.des.no (Postfix, from userid 1001) id 741AE5305; Wed, 16 May 2007 20:39:04 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Buki References: <200705101342.l4ADgCgg007728@lurza.secnetix.de> <20070510221221.GA44910@FreeBSD.czest.pl> <464392EC.5090203@elischer.org> <20070510223739.GA66016@lor.one-eyed-alien.net> <4643C90D.9040906@elischer.org> <20070511015204.GA66910@lor.one-eyed-alien.net> <1178935327.1786.6.camel@localhost> <200705151030.l4FAUbEE063594@fire.jhs.private> <86d5125fxo.fsf@dwp.des.no> <20070516152319.GG378@dev.null.cz> Date: Wed, 16 May 2007 20:39:04 +0200 In-Reply-To: <20070516152319.GG378@dev.null.cz> (dev@null.cz's message of "Wed\, 16 May 2007 17\:23\:19 +0200") Message-ID: <86bqgkk3zr.fsf@dwp.des.no> User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: Tom McLaughlin , jhs@berklix.com, freebsd-current@freebsd.org, "Julian H. Stacey" Subject: Re: We don't really need two FTP daemons X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 May 2007 18:39:09 -0000 Buki writes: > Dag-Erling Sm=C3=B8rgrav writes: > > "Julian H. Stacey" writes: > > > I've never been sure which ftpd to run on my gateway (with IPFW, with= no NAT) > > > to provide proxy, so internal hosts could cd /usr/ports; make fetch > > You don't need a proxy. Do the following on each internal host: > > > > # echo 'FTP_PASSIVE_MODE=3DYES' >>/etc/profile > actually, if the internal hosts use RFC1918 addresses this wouldn't > suffice. He really needs either ftp proxy (and redirect all ftp traffic > to it) or NAT. He specifically said "no NAT", so I assumed his internal hosts had routable addresses. If they don't, he should set up Squid and define FTP_PROXY and HTTP_PROXY in the internal hosts' environments; see fetch(3) for details. Better yet, define ftp_proxy and http_proxy as some third-party software (wget, w3m) obey the lower-case variables but not the upper-case ones. OpenBSD has transparent FTP and TFTP proxies written specifically for use with pf(4), but we haven't imported them (yet). As for non-transparent FTP proxies, there are several unformalized and mostly undocumented protocols. The most common one seems to be to send the server name as part of the login name (user@server:port) when logging on to the proxy; libfetch supports that protocol and will use it if the method part of FTP_PROXY (or ftp_proxy) is either "ftp" or unspecified. One open source proxy I know of which supports this is ftp/ftpproxy in ports. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no