On Tue, 16 Mar 2010, Simon Perreault wrote:
>On 03/15/2010 11:49 PM, Dave Anderson wrote:
>> I'm configuring a notebook which will use PF to protect itself from the
>> environments in which I use it, and would like to have FTP 'just work'
>> on it -- whether it's from an explicit FTP command, from a browser, or
>> embedded in some other program or script.
>
>I see two options:
>
>1. pass out
This can work for passive FTP if one is willing to allow outbound
connections to all non-privileged ports, but is useless for active FTP.
>2. ftp-proxy(8)
Unless I've missed something, this is useless when the FTP connection
originates on the system where ftp-proxy is running -- the control
connection packets must traverse some interface in the inbound direction
for PF to be able to redirect them to ftp-proxy.
Thanks anyway,
Dave
--
Dave Anderson
<[email protected]>
