[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FTP clients behind PF can connect to ftp serves but cannot listfiles why?

> If you have a little bit more complex setup, I found that FTP Sesame
> (google ftpsesame) worked a charm. ftp-proxy wasn't able to handle two
> way active and passive connections in my setup but ftpsesame has been
> going great guns. Handles several hundred inbound and several thousand
> outbound ftp connections a day.
Is this working the same way proxy does? Redirecting ftp connection to
localhost where ftp-proxy is running?
> > > rdr on $int_if proto tcp from any to any port 21 ->
> > stream tcp nowait root /usr/libexec/ftp-proxy
> > ftp-proxy -n
> > pass in on $ext_if inet proto tcp from any to $ext_if \
> > user proxy keep state 
I notcied that with the above rules internal clients can do pasive
ftp fine, but active ftp wont work, pf drops the packets from
the remote host from port 20 to a high port here.
I dont know quickly how to remedy this, any hints?