Date: Tue, 28 Mar 2006 14:06:09 -0500 (EST) From: Peter <petermatulis@yahoo.ca> To: Renato Botelho <rbgarga@gmail.com>, freebsd-stable@FreeBSD.org Subject: Re: Problems with pf + ftp-proxy on gateway Message-ID: <20060328190609.28643.qmail@web60013.mail.yahoo.com> In-Reply-To: <747dc8f30603280822g1a2996b8l3027fe3f1e9589ae@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Renato Botelho <rbgarga@gmail.com> wrote: > I'm trying to use pf + ftp-proxy n a 6.1-PRERELEASE machine. > > I have this line on inetd.conf: > > ftp-proxy stream tcp nowait root /usr/libexec/ftp-proxy > > ftp-proxy -n > > And this lines on pf.conf: > > rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port > ftp-proxy > pass in quick on $ext_if inet proto tcp from any port ftp-data to > $ext_if:0 user proxy flags S/SA keep state > > When one machine inside my network (e.g. 192.168.x.x) connects to an > external ftp server (e.g. ftp.FreeBSD.org), data connection doesn't > work. > > Connection comes to my firewall and is accepted but connection is not > established and stay like this here: > > self tcp 200.x.x.x:57625 <- 200.x.x.x:20 ESTABLISHED:FIN_WAIT_2 You need to decide whether you are working with passive ftp clients (probably), active, or both. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060328190609.28643.qmail>