Hello Gilberto, No, that wouldn't work, there is no sense in adding a nat rule to the internal interface.
I just found out why it didn't work. All this time, I was using active ftp on my ubuntu box. when i switched to passive, it all worked like a charm. found it on some forum archive .. forgot the link. on linux the env setting for passive ftp doesn't work.. .i never knew that.. you have you add -p to the ftp command or start it using pftp.. On 8/14/06, Gilberto Villani Brito <[EMAIL PROTECTED]> wrote:
Try using this rule: nat on $int_if from any to any port 21 -> 127.0.0.1 port 8021 Gilberto 2006/8/13, Ivan Levchenko < [EMAIL PROTECTED]>: > Hi everybody, having some troubles with ftp-proxy on my gateway at home: the darn thing gets me connected to an outside ftp server, but won't let me do anything else with it. the gateway computer is freebsd (it is running pf with nat to share and secure a pppoe connection); the client computer is running kubuntu 6.06. here is what i get when trying to connect to a ftp server behind the nat: $ ftp ftp.freebsd.org Connected to ftp.freebsd.org . 220 ftp.FreeBSD.org NcFTPd Server (licensed copy) ready. Name (ftp.freebsd.org:ivan): ftp 331 Guest login ok, send your complete e-mail address as password. Password: 230-You are user #112 of 1000 simultaneous users allowed. 230- 230 Logged in anonymously. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 550 Data connection must go to same host as control connection. ftp: bind: Address already in use ftp> or i get this error when connecting to a different ftp server (vsftpd): 500 Illegal PORT command. ftp: bind: Address already in use. i read the ftp-proxy and pf.conf man pages and have google-ed more than my brain can comprehend but still no answer for this. i attached the conf files for pf.conf and inetd.conf any help (the right keyword to google with will be nice too!!!) will be great! -- Best Regards, Ivan Levchenko [EMAIL PROTECTED] _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to " [EMAIL PROTECTED]"
-- Best Regards, Ivan Levchenko [EMAIL PROTECTED] _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
