On Mon, Jan 07, 2002 at 11:41:34PM -0800, Bob Miller wrote: > Bob Miller wrote: > > > Has anyone here ever set a *nix box up as a transparent HTTP proxy? > > Okay, I have the transparent HTTP proxy working. It's good. > Thanks, Jake.
Cool. I might set one up for myself, just for sh*ts and giggles :) > > Now, what about transparent FTP proxying? Long (short) answer: $ man 8 ftp-proxy Short (long) answer: in /etc/nat.conf: rdr on $ext_if from any to any port 21 -> 127.0.0.1 port $chosen_port in inetd.conf: $chosen_port stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy You can of course use tcpd if you like, and you will probably want to replace "from any" with something more restricted (or portscans will report that you have 21 open). You can also bind it to your internal IP by prepending "$int_ip:" to the inetd.conf line. I have noticed that it is definitely functional, but not 100% perfect. (It misses a few packets now and then ... good thing ftp is a TCP servicce.) -- <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
