Gerard Lally <[email protected]> writes:
> System: OpenBSD 4-9 i386
>
> I am pasting a link to the entire PF ruleset.
>
> http://pastebin.com/vdbidqAL
>
> I would be grateful if someone more knowledgeable about PF would
> explain to me why I can't browse an FTP server (eg., ftp.heanet.ie)
> from a client (eg., Firefox) behind the firewall with the rules as they
> stand.
I'd try moving
# FTP proxy anchor
anchor "ftp-proxy/*"
# Redirect outbound FTP connections through ftp-proxy
pass in quick on $if_lan inet proto tcp to port ftp \
rdr-to 127.0.0.1 port 8021
to somewhere after
# Block everything unless we say otherwise
block log all
and see if that changes anything
- P
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
