Thank you very much for your reply! I did configured ftp proxy as reverse: /usr/sbin/ftp-proxy -p 8021 -R 192.168.8.17 -P 21 -D7 -v
Pf.conf ext="bnx0" int="bnx1" ext_net="10.1.10.0/24" web_server="192.168.8.17" sap_server="192.168.8.10" mail_server="192.168.8.22" # Default block all block in all #**** loop interface **# set skip on lo #****************ENABLE NAT *********************# match out on $ext from 192.168.8.0/24 to any nat-to 10.1.10.8 ### RULES FOR FTP anchor "ftp-proxy/*" pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021 pass in quick on $ext proto tcp from any to 10.1.10.8 port ftp rdr-to $web_server port ftp ### ICMP RULES pass in on $ext inet proto icmp all keep state pass out on $ext inet proto icmp all keep state ## PASS OUT ALL pass in on $int pass out on $int pass out on $ext pass out keep state pass out all The error I get: Response: 200 Type set to I. Command: PASV Response: 227 Entering Passive Mode (1,2,3,4,228,236) Command: LIST Error: Connection timed out Error: Failed to retrieve directory listing please advise! Thanks, _Motty On 10/23/2015 06:44 AM, Giancarlo Razzolini wrote: > Em 22-10-2015 19:49, Motty escreveu: >> I am trying to configure pf.conf (OpenBSD 5.6) > I know it is a beaten and old argument, but please upgrade your OpenBSD. > 5.6 isn't supported anymore. That being said, I don't think your problem > has anything to do with your OpenBSD version. > >> when I use pasive command FTP server does not >> respond. I enabled ftp-proxy (please see relevant information below) > You need to configure your ftp-proxy server as a reverse proxy. I > believe you attached the information, but this list uses demime, so > you'll need to paste the information as text here. Without it, it's > difficult to help you. > > Cheers, > Giancarlo Razzolini
