On 17 March 2010 c. 00:43:34 Simon Perreault wrote:
J.C. Roberts wrote:
match out on ? proto tcp from ? to any port ftp \
rdr-to 127.0.0.1 port 8021
You can't do that. rdr-to only works on input.
Without testing it, I don't know how the potential loop can be
avoided, or if it
On Thu, 18 Mar 2010, Vadim Zhukov wrote:
On 17 March 2010 c. 00:43:34 Simon Perreault wrote:
J.C. Roberts wrote:
match out on ? proto tcp from ? to any port ftp \
rdr-to 127.0.0.1 port 8021
You can't do that. rdr-to only works on input.
Without testing it, I don't know how the
From the FAQ, read:
http://www.openbsd.org/faq/pf/ftp.html
Regards,
Dani
El 16/03/2010 4:49, Dave Anderson escribis:
I'm configuring a notebook which will use PF to protect itself from the
environments in which I use it, and would like to have FTP 'just work'
on it -- whether it's from an
On 03/15/2010 11:49 PM, Dave Anderson wrote:
I'm configuring a notebook which will use PF to protect itself from the
environments in which I use it, and would like to have FTP 'just work'
on it -- whether it's from an explicit FTP command, from a browser, or
embedded in some other program or
On Tue, 16 Mar 2010, Simon Perreault wrote:
On 03/15/2010 11:49 PM, Dave Anderson wrote:
I'm configuring a notebook which will use PF to protect itself from the
environments in which I use it, and would like to have FTP 'just work'
on it -- whether it's from an explicit FTP command, from a
On Tue, 16 Mar 2010 12:39:01 -0400 (EDT) Dave Anderson
d...@daveanderson.com wrote:
I see two options:
1. pass out
This can work for passive FTP if one is willing to allow outbound
connections to all non-privileged ports, but is useless for active
FTP.
Yes.
2. ftp-proxy(8)
Unless
On Tue, 16 Mar 2010, Dave Anderson wrote:
On Tue, 16 Mar 2010, Simon Perreault wrote:
On 03/15/2010 11:49 PM, Dave Anderson wrote:
I'm configuring a notebook which will use PF to protect itself from the
environments in which I use it, and would like to have FTP 'just work'
on it -- whether
On 16 Mar 2010, at 17:24, Dave Anderson wrote:
I'm configuring a notebook which will use PF to protect itself from the
environments in which I use it, and would like to have FTP 'just work'
on it -- whether it's from an explicit FTP command, from a browser, or
embedded in some other program
On Tue, 16 Mar 2010 13:24:21 -0400 (EDT) Dave Anderson
d...@daveanderson.com wrote:
A clarification: I do know that ftp-proxy can be used as an explicit
proxy as well as transparently via PF redirection, and that the
FTP_PROXY environment variable can be set to specify an explict proxy
for
On 2010-03-16, J.C. Roberts list-...@designtools.org wrote:
On Tue, 16 Mar 2010 12:39:01 -0400 (EDT) Dave Anderson
d...@daveanderson.com wrote:
I see two options:
1. pass out
This can work for passive FTP if one is willing to allow outbound
connections to all non-privileged ports, but is
On 2010-03-16, Dave Anderson d...@daveanderson.com wrote:
I do notice that 4.7 has a new divert-to-userland ability that looks
like it could be used to solve this problem properly
I think the proxy code involved with this would be considerably
more complicated than the current method (even
On Tue, 16 Mar 2010, Gaby Vanhegan wrote:
On 16 Mar 2010, at 17:24, Dave Anderson wrote:
I'm configuring a notebook which will use PF to protect itself from the
environments in which I use it, and would like to have FTP 'just work'
on it -- whether it's from an explicit FTP command, from a
On 2010-03-16, Stuart Henderson s...@spacehopper.org wrote:
On 2010-03-16, Dave Anderson d...@daveanderson.com wrote:
I do notice that 4.7 has a new divert-to-userland ability that looks
like it could be used to solve this problem properly
I think the proxy code involved with this would be
On Tue, 16 Mar 2010, Stuart Henderson wrote:
On 2010-03-16, J.C. Roberts list-...@designtools.org wrote:
On Tue, 16 Mar 2010 12:39:01 -0400 (EDT) Dave Anderson
d...@daveanderson.com wrote:
I see two options:
1. pass out
This can work for passive FTP if one is willing to allow outbound
J.C. Roberts wrote:
match out on ? proto tcp from ? to any port ftp \
rdr-to 127.0.0.1 port 8021
You can't do that. rdr-to only works on input.
Without testing it, I don't know how the potential loop can be avoided,
or if it even needs to be avoided (note the match out
On Tue, 16 Mar 2010, Stuart Henderson wrote:
On 2010-03-16, Stuart Henderson s...@spacehopper.org wrote:
On 2010-03-16, Dave Anderson d...@daveanderson.com wrote:
I do notice that 4.7 has a new divert-to-userland ability that looks
like it could be used to solve this problem properly
I think
On Tue, Mar 16, 2010 at 4:49 AM, Dave Anderson d...@daveanderson.com wrote:
I'm configuring a notebook which will use PF to protect itself from the
environments in which I use it, and would like to have FTP 'just work'
on it -- whether it's from an explicit FTP command, from a browser, or
I'm configuring a notebook which will use PF to protect itself from the
environments in which I use it, and would like to have FTP 'just work'
on it -- whether it's from an explicit FTP command, from a browser, or
embedded in some other program or script. Unfortunatly there doesn't
seem to be any
18 matches
Mail list logo