Is ftpsesame working on FreeBSD 5.4? I found ftpsesame webpage a few
days ago, but available downloads is marked as
Download ftpsesame-0.91 for OpenBSD 3.4 and 3.5.
Download ftpsesame-0.95 for OpenBSD 3.6.
Max Laier wrote:
On Wednesday 15 June 2005 08:33, Art Okunev wrote:
Hello freebsd-pf,
I'm in the process of migrating Linux based firewall/router to
FreeBSD (PF).
Firewall supposed to be working in a hosting environment so actually
external interface is connected to uplink router; behind firewall
are couple of class C networks with bunch of web and FTP servers.
The only thing I am missing from Linux is ip_conntrack_ftp kernel
module which monitors the traffic on port 21 and dynamically opens
the higher no (data) ports that the control on port 21 asks for.
Maybe I'm wrong but it seems that ftp-proxy only works for ftp
clients behind ftp-proxy.
Another bad thing about this setup is that networks behind firewall
managed by our clients so it is not possible to know IP addresses of
FTP servers and ephemeral port ranges they are using.
So far I have to put something like:
pass all proto tcp from any port 1024:65535 to any port 1024:65535
in order to allow passive FTP (I hate this idea!).
Is there any "correct" way to configure PF to allow passive mode ftp
connection to FTP servers behind firewall without having to open
higher ports for all network range?
Did you see:
http://www.sentia.org/projects/ftpsesame/ ?
--
Miroslav Lachman
Webapplication Developer
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
