Ok, i ran ftp-proxy command and ftp access started working again for
the clients, that solves the rebooting part :)
my pf.conf:
# macros
ext_if="fxp0"
int_if="xl0"
int_if2="bge0"
both="{xl0 bge0}"
tcp_services="{ 22 80 113 }"
icmp_types="echoreq"
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# scrub
scrub in
# nat/rdr
nat on $ext_if from !($ext_if) -> ($ext_if:0)
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr pass on $both proto tcp to port ftp -> 127.0.0.1 port 8021
# filter rules
block in
pass out keep state
anchor "ftp-proxy/*"
antispoof quick for { lo $int_if $int_if2}
pass in on $ext_if inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state
pass in on $ext_if inet proto tcp from any to $comp3 port 80 \
flags S/SA synproxy state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass quick on $int_if
pass quick on $int_if2
On 11/3/06, Tito Mari Francis Escaqo <[EMAIL PROTECTED]> wrote:
Maybe you should show your pf.conf so you can be given more accurate
advise. Thanks!
On 11/4/06, Der Engel <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Having this ftp problem with a 3.9 box, the box has one external
> interface and two internal interfaces each one for different subnets,
> the PF conf is very simple, my problem is after a while clients can't
> access ftp, in either subnet, rebooting the box fixes the problem but
> then after a while happens again, have no idea on how to fix without
> rebooting, was wondering if anyone has had this problem? Maybe some
> issue in the new ftp-proxy? Is there a way to restart ftp-proxy
> without rebooting the box?
>
> Thanks.
>
>
--
Tito Mari Francis H. Escaqo
Computer Engineer and Free Software Proponent
