Hello.
On Linux there are conntrack "modules" for many protocols available
which:
1. identify related connections and let them go through firewall (like
FTP data is related to FTP control)
2. Let things work through NAT - translate addresses in the FTP control
connections, identify different PPTP connections even if they go to the
same endpoint etc
So the question is: does pf have anything similar? I'm most interested
in FTP, RPC and establishing multiple PPTP connections through NAT to
the same endpoint.
Currently I use ftpsesame for FTP - it does its job great but it is FTP
specific solution obviously, RPC would requirs another application
listening for traffic (bpf) and changing firewall. Is there a more clean
way?
Regards,
Dmitry Andrianov
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
