Date: Tue, 20 Oct 2015 08:56:40 +0300 From: wishmaster <artemrts@ukr.net> To: David Mehler <dave.mehler@gmail.com> Cc: freebsd-pf <freebsd-pf@freebsd.org> Subject: Re: Working pf ftp configurations Message-ID: <1445320261.248562855.wf3ncryq@frv34.fwdcdn.com> In-Reply-To: <CAPORhP6MRQx9hWG5P7jT0-R2_UEP_tJSV1Nbq7v6Hv1MqdBWeA@mail.gmail.com> References: <CAPORhP6MRQx9hWG5P7jT0-R2_UEP_tJSV1Nbq7v6Hv1MqdBWeA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Original message --- From: "David Mehler" <dave.mehler@gmail.com> Date: 20 October 2015, 03:47:52 > Hello, > > If anyone is using freebsd 10 I suppose, pf, and using a system as an > ftp client or using the system to protect jails or other systems on a > network, providing them ftp access to the net, via ftp-proxy can you > share your configurations? What I've got is not working, initially I > had a single system that wouldn't allow an ls ona remote ftp server, I > then added in some jails for other reasons, tried them, and they do > the same, can connect can log in, can not do ls or anything else. The > original system/gateway/jail holding box, does run ftp-proxy it is > showing up on 127.0.0.1 port 8021. My system maintains a lot of jails with VIMAGE. FTP server inside jail. Rules in the base system like below: pass in quick on $ext_if from any to $jail port 39000-40000 keep-state vsftpd inside jail has directives: pasv_min_port=39000 pasv_max_port=40000 This above for the passive ftp. I do not like ftp-proxy ;-) --- Vitaliy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1445320261.248562855.wf3ncryq>