Thank you very much! ### RULES FOR FTP
anchor "ftp-proxy/*" pass in quick inet proto tcp to port ftp divert-to 127.0.0.1 port 8021 pass out inet proto tcp from $ext to any port ftp worked for me! On 10/23/2015 11:09 AM, Giancarlo Razzolini wrote: > Em 23-10-2015 12:58, Motty escreveu: >> ### RULES FOR FTP >> anchor "ftp-proxy/*" >> pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021 >> pass in quick on $ext proto tcp from any to 10.1.10.8 port ftp rdr-to >> $web_server port ftp > I believe you need a nat instead of rdr. From ftp-proxy(8) man page: > > In case of passive mode (PASV or EPSV): > > pass in from $client to $orig_server port $proxy_port \ > rdr-to $server port $port > pass out from $client to $server port $port nat-to $proxy > > p.s.: Please let FTP run its course and die! I beg you. Every time an > admin starts a ftp server, a puppy dies. Consider using SSH. Or, if > you must, DAV. > > Cheers, > Giancarlo Razzolini
