We already run ftp-sesame for bridged interfaces. Scott
On 10/1/06, Peter Allgeyer <[EMAIL PROTECTED]> wrote:
Hi Scott! No, CARP isn't the answer (I saw your posting in the FAQ already). We are using CARP for HA already (and that IMHO should be the only reason for anyone to use CARP at all). The right answer is: use ftpsesame >From http://www.sentia.org/projects/ftpsesame/: ---< schnipp>--- In general, ftpsesame is a good choice to run on a firewall in front of multiple FTP servers, where no NAT is involved. ftp-proxy(8) is usually the best choice when users behind NAT need to access FTP servers on the Internet. [...] ---< schnapp>--- The solution is to use ftpsesame where NAT isn't needed. Is there any good way to find out when this is the case? Would drop down list with an explanation -- like the one from above? -- on interfaces_wan.php be enough? We could call it: ---< schnipp>--- FTP Helper [x] Enable userland FTP-Proxy application | use ftpsesame v use ftp-proxy Note: In general, ftpsesame is a good choice to run on a firewall in front of (multiple) FTP server(s), where no NAT is involved. ftp-proxy is usually the best choice when the FTP server lies behind a NAT device. You'll need to configure port forwarding for that. ---< schnapp>--- I'll take some time tomorrow to test ftpsesame on our productive system. BR, PIT --------------------------------------------------------------------------- copyleft(c) by | _-_ "World domination. Fast" (By Linus Torvalds) Peter Allgeyer | 0(o_o)0 ---------------oOO--(_)--OOo-----------------------------------------------
