[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

simple ftp-proxy problems.



Hi,
I was trying to make ftp'ing from my inside nw to internet possible.
So in pf.conf (state-policy is floating):
rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep 
state
in inetd.conf
127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy
I do use natting though cause inside i have a 10.x.y.z network.
However, connection cannot be set up succesfully, not passive and not 
active. I dont see any drops either. (as example to ftp.openbsd.org):
I do see this (fstat | grep internet | grep proxy):
proxy ftp-proxy 1300 0* internet stream tcp c19ad9e0 127.0.0.1:8021 <->
10.1.1.12:1316 proxy ftp-proxy 1300 1* internet stream tcp c19ad9e0
127.0.0.1:8021 <-> 10.1.1.12:1316 proxy ftp-proxy 1300 2* internet stream
tcp c19ad9e0 127.0.0.1:8021 <-> 10.1.1.12:1316 proxy ftp-proxy 1300 4*
internet stream tcp c19adc58 82.161.169.153:57731 <-> 129.128.5.191:21
proxy ftp-proxy 1300 5* internet stream tcp c19d627c *:56551 proxy
ftp-proxy 480 0* internet stream tcp c19ad62c 127.0.0.1:8021 <->
10.1.1.12:1298 proxy ftp-proxy 480 1* internet stream tcp c19ad62c
127.0.0.1:8021 <-> 10.1.1.12:1298 proxy ftp-proxy 480 2* internet stream
tcp c19ad62c 127.0.0.1:8021 <-> 10.1.1.12:1298 proxy ftp-proxy 480 4*
internet stream tcp c19add94 82.161.169.153:58786 <-> 129.128.5.191:21
proxy ftp-proxy 480 5* internet stream tcp c19d6004 *:59574 proxy
ftp-proxy 1087 0* internet stream tcp c19ad8a4 127.0.0.1:8021 <->
10.1.1.12:1296 proxy ftp-proxy 1087 1* internet stream tcp c19ad8a4
127.0.0.1:8021 <-> 10.1.1.12:1296 proxy ftp-proxy 1087 2* internet stream
tcp c19ad8a4 127.0.0.1:8021 <-> 10.1.1.12:1296 proxy ftp-proxy 1087 4*
internet stream tcp c19ad768 82.161.169.153:59791 <-> 62.243.72.50:21
proxy ftp-proxy 1087 5* internet stream tcp c19ad4f0 *:57777
What did i configure wrong? How can i fix it?
Bye,
Mipam.