On 11/8/07, Jake Conk <[EMAIL PROTECTED]> wrote: > Ok I understand I'm supposed to have another instance of ftp-proxy > running so that it can open up ports on my router to allow data > connections to be established from remote hosts but I'm not sure how I > should configured ftp-proxy for that and my pf... Lets start with > ftp-proxy first then handle pf... > > Since I got 1 instance of ftp-proxy already running to redirect > incominng ftp traffic to a local server in my network I must have > another one on a different port so for that I'm starting with... > > `ftp-proxy -p 8022` > > Ok and I think I have to tell ftp-proxy to only listen on its local IP > because we are trying to connect our local servers to public servers > so I would add that to the command: > > `ftp-proxy -p 8022 -a 192.168.10.1`
you need 127.0.0.1 in any case, because of the rdr in pf.conf > > I wasn't sure to use -a or -b so if I'm doing this wrong someone > please correct me. > > 1) So now on the ftp-proxy configuration is there anything else I need > to add? 2) Where's a good place to look on how to configure my packet > filtering (pf) to work with the second instance of ftp-proxy and allow > me to connect to outside (public) ftp servers look at your pf.conf, you have commented out the line. you should change it to about this: rdr pass on $int_if proto tcp from any to !$ftp_server port ftp -> 127.0.0.1 port 8022 of course i didn#t test this, but you get the idea --knitti