On Thu, 8 Apr 2004, Eaton, Andy wrote:
> Quick question for those using ftpsesame on 3.4 that is up to date with
> the stable source:
>
> 1. I was able to make the source but not make install the source.
> I get:
You need ftpsesame 0.9 for make install to work.
> 2. In the ruleset I can't use a line like the following...
> anchor ftpsesame on { $int_if, $ext_if } pfctl issues an error.
It's an example. You have to define int_if and ext_if in your ruleset as
well. (but I guess you need all_ints and all_exts here). But with this
many interfaces you're probably better off with just "anchor ftpsesame".
> I need ftpsesame to listen on each or at least the external vlans,
> right now I have not figured out a way to start ftpsesame so that it
> will listen on all the vlans. ftpsesame -i $ext_if will not work. It
> gives the following:
> # ftpsesame -i $all_exts
ftpsesame does not use pf.conf itself so you cannot use macros here.
Another problem is that ftpsesame (like most bpf programs) can only listen
on one interface at a time, so you have to run multiple ftpsesames, one
for each interface.
It can do that, and memory- and performance-wise it should not be that bad.
You may run out of bpf devices though (8 in the generic kernel).
--
Cam