On 10/3/06, Peter Allgeyer <[EMAIL PROTECTED]> wrote:
Am Montag, den 02.10.2006, 19:10 -0400 schrieb Scott Ullrich:
> You want to use:
>
> o afterfilterchangeshellcmd
>
> http://pfsense.blogspot.com/2005/06/new-xml-system-tag-introduced.html
No, since system_start_ftp_helpers() is launched _after_
filter_configure_sync in /etc/rc.bootup.
Scott, beside that it's really ugly hacking around a problem in
principle. Shouldn't we discuss how to solve it problem-oriented instead
of hacking around with "*shellcmd"? Where, if not here, is the best
place to talk about it? I invite all devs to make proposals to the
everlasting FTP problem.
I am telling you how to solve your problem now, not long term. I
agree that the FTP system is a mess.
What do we need?
1) FTP-Server on the inside:
is it behind NAT? ---- no
| |
yes |
| |
use pftpx, see 2) use ftpsesame
2) FTP-Server on the outside:
is your public IP on WAN interface? --- no
| |
yes what public reachable IP to use as source IP?
| |
pftpx -c xxxx -g xxxx ifaceIP pftpx -c xxxx -g xxxx -p pubIP ifaceIP
3) A way to mix these possibilities:
what to do, if someone has an FTP-Server in DMZ with public reachable
IPs and also one FTP-Server internally with a private IP?
Sounds good. If you want to submit patches, feel free. I am focused
on getting on 1.0 out the door then I plan on taking a vacation for a
bit but will be happy to review a patch.
Scott
