cheers
paul
Tiago Aug wrote:
Does anyone have success with MS (iis 5) ftp behind pf/nat?
my pf.conf: --- ext_if = "ppp0" dmz_if = "xl1" int_if = "xl2" ext_ip = "200.x.x.x" internal_net = "192.168.0.0/24" webserv_int = "192.168.0.254" tcp_options = "flags S/SA modulate state" udp_options = "keep state"
set loginterface $ext_if set optimization aggressive
scrub in on $ext_if fragment reassemble scrub out on $ext_if max-mss 1420 no-df random-id
nat on $ext_if inet from $internal_net to any -> ($ext_if)
rdr on $ext_if proto tcp from any to any port 2222 -> $webserv_int port 21 rdr on $int_if proto tcp from $internal_net to any port ftp -> 127.0.0.1 port 8021
pass out on $ext_if proto udp all $udp_options pass out on $ext_if proto tcp all $tcp_options
#no block rules for while
--- kern.version = OpenBSD 3.4-stable (OPENBSD) #1: Mon Mar 22 15:30:57 BRT 2004 [EMAIL PROTECTED]:/sys/arch/i386/compile/OPENBSD ---
ftp 200.x.x.x 2222 Connected to 200.x.x.x (200.x.x.x). 220 webserver Microsoft FTP Service (Version 5.0). Name (200.x.x.x:user): anonymous 331 Anonymous access allowed, send identity (e-mail name) as password. Password: 230 Anonymous user logged in. Remote system type is Windows_NT. ftp> ls 227 Entering Passive Mode (192,168,0,254,12,181). ftp: connect: No route to host
ftp 200.x.x.x 2222 Connected to 200.x.x.x (200.x.x.x). 220 webserver Microsoft FTP Service (Version 5.0). Name (200.x.x.x:user): anonymous 331 Anonymous access allowed, send identity (e-mail name) as password. Password: 230 Anonymous user logged in. Remote system type is Windows_NT. ftp> passive Passive mode off. ftp> ls 500 Invalid PORT Command. ftp: bind: Address already in use
______________________________________________________________________
Yahoo! Mail - O melhor e-mail do Brasil! Abra sua conta agora: http://br.yahoo.com/info/mail.html
