
new ftp proxy: pftpx

Ok, bleeding edge pf people...  I wrote a new FTP proxy called "pftpx" and
I'd like to solicit some feedback from the community...

Why should you try it?  What advantages does pftpx offer?

1) it handles all ftp modes: PORT, PASV, EPRT, EPSV
2) it handles ipv6
3) it should scale: one process handles all sessions using libevent
4) it works with "strict" ftp clients (clients that want data connections
   to the same IP as the control connection)

Quick guide:

- you need libevent-0.8 (OpenBSD 3.6 has it)
- download http://www.sentia.org/downloads/pftpx-0.3.tar.gz
- untar, make
- add this to pf.conf in the nat section:

    nat-anchor "pftpx/*"
    rdr-anchor "pftpx/*"
    rdr pass on $if proto tcp from any to any port 21 -> port 8021

- add this to pf.conf in the rule section:

    anchor "pftpx/*"

- run the proxy in debug mode: sudo pftpx -d -D7
- ready to go...

Sorry, no manpage yet, this is bleeding edge after all.  Don't run this in
production if your job depends on it.  :-)

All feedback welcome, also if you want to suggest a better name.  :-)
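
Added example, not part of the original post and not pftpx code: a sketch of how a proxy can extract the data-connection endpoint from each of the four modes listed above (PORT and the 227 PASV reply per RFC 959, EPRT and the 229 EPSV reply per RFC 2428), with range and address-family checks. The function names and the sample lines are assumptions made for this illustration.

```python
import ipaddress
import re

# RFC 959 field h1,h2,h3,h4,p1,p2 (PORT argument and 227 reply)
_HP = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")
# RFC 2428 EPSV reply: (<d><d><d>port<d>), same delimiter throughout
_EPSV = re.compile(r"\((.)\1\1(\d{1,5})\1\)")

def _port(value):
    port = int(value)
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return port

def _host_port(text):
    m = _HP.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field")
    nums = [int(g) for g in m.groups()]
    if max(nums) > 255:
        raise ValueError("byte out of range")
    host = ipaddress.ip_address(".".join(map(str, nums[:4])))
    return host, _port(nums[4] * 256 + nums[5])

def data_endpoint(line, control_peer):
    # control_peer: far-end address of the control connection. A 229 reply
    # carries only a port, so the address has to come from there.
    verb, _, rest = line.strip().partition(" ")
    verb = verb.upper()
    if verb in ("PORT", "227"):
        return _host_port(rest)
    if verb == "EPRT":
        fields = rest.split(rest[0]) if rest else []  # "", proto, addr, port, ""
        if len(fields) != 5 or fields[1] not in ("1", "2"):
            raise ValueError("malformed EPRT")
        host = ipaddress.ip_address(fields[2])
        if host.version != (4 if fields[1] == "1" else 6):
            raise ValueError("EPRT protocol/address mismatch")
        return host, _port(fields[3])
    if verb == "229":
        m = _EPSV.search(rest)
        if not m:
            raise ValueError("malformed EPSV reply")
        return ipaddress.ip_address(control_peer), _port(m.group(2))
    raise ValueError("not a data-connection line")

# Constructed sample lines using documentation addresses, not captured traffic.
SAMPLES = ("PORT 192,0,2,10,195,80", "EPRT |2|2001:db8::10|50000|",
           "227 Entering Passive Mode (192,0,2,20,195,80)",
           "229 Entering Extended Passive Mode (|||50000|)")
if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", data_endpoint(s, "2001:db8::20"))
```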