Date: Mon, 14 Aug 2006 22:27:25 +0300 From: "Ivan Levchenko" <levchenko.i@gmail.com> To: "Gilberto Villani Brito" <linux@giboia.org>, freebsd-questions@freebsd.org Subject: Re: ftp-proxy with pf Message-ID: <e39dd5bb0608141227i61a53232gf4bbc1022f6565dd@mail.gmail.com> In-Reply-To: <6e6841490608141219u5ef60960n8731717da00b5785@mail.gmail.com> References: <e39dd5bb0608131235j774f24adnb96d7d8dd1414eca@mail.gmail.com> <6e6841490608141219u5ef60960n8731717da00b5785@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Gilberto, No, that wouldn't work, there is no sense in adding a nat rule to the internal interface. I just found out why it didn't work. All this time, I was using active ftp on my ubuntu box. when i switched to passive, it all worked like a charm. found it on some forum archive .. forgot the link. on linux the env setting for passive ftp doesn't work.. .i never knew that.. you have you add -p to the ftp command or start it using pftp.. On 8/14/06, Gilberto Villani Brito <linux@giboia.org> wrote: > Try using this rule: > nat on $int_if from any to any port 21 -> 127.0.0.1 port 8021 > > > Gilberto > > > 2006/8/13, Ivan Levchenko < levchenko.i@gmail.com>: > > > Hi everybody, > > having some troubles with ftp-proxy on my gateway at home: the darn > thing gets me connected to an outside ftp server, but won't let me do > anything else with it. > > the gateway computer is freebsd (it is running pf with nat to share > and secure a pppoe connection); the client computer is running kubuntu > 6.06. > > here is what i get when trying to connect to a ftp server behind the nat: > > $ ftp ftp.freebsd.org > Connected to ftp.freebsd.org . > 220 ftp.FreeBSD.org NcFTPd Server (licensed copy) ready. > Name (ftp.freebsd.org:ivan): ftp > 331 Guest login ok, send your complete e-mail address as password. > Password: > 230-You are user #112 of 1000 simultaneous users allowed. > 230- > 230 Logged in anonymously. > Remote system type is UNIX. > Using binary mode to transfer files. > ftp> ls > 550 Data connection must go to same host as control connection. > ftp: bind: Address already in use > ftp> > > or i get this error when connecting to a different ftp server (vsftpd): > 500 Illegal PORT command. > ftp: bind: Address already in use. > > i read the ftp-proxy and pf.conf man pages and have google-ed more > than my brain can comprehend but still no answer for this. > > i attached the conf files for pf.conf and inetd.conf > > any help (the right keyword to google with will be nice too!!!) will be > great! > > -- > Best Regards, > > Ivan Levchenko > levchenko.i@gmail.com > > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to " > freebsd-pf-unsubscribe@freebsd.org" > > > > > -- Best Regards, Ivan Levchenko levchenko.i@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e39dd5bb0608141227i61a53232gf4bbc1022f6565dd>