I don't want to have to install SQUID on my firewall box. I don't necessarily need or want a full-blown proxy.
I wonder how dificult it would be to patch ftp-proxy to support specifying an IP address VIA the command line..
Guess I'll have to investigate
Daniel Corbe wrote:
Hey,
I'm having difficulty getting ftp-proxy working right with very simple settings. Is there any way to tell ftp-proxy whay IP address to use for outgoing connections? Because in my setup it's using the wrong IP address (146.82.194.227) as opposed to my NAT IP (208.178.226.254)
Any help would be appriciated
Thanks
inetd.conf entry:
# FTP proxy
208.178.226.254:8021 stream tcp nowait root /usr/libexec/ftp-proxy -D 3 ftp-proxy
Firewall rules: int = "fxp0"
# scrub in on $int all
# Don't want to translate private
no nat on $int from any to { 10/8, 172.16/12, 192.168/16, 208.178.226.254/29, 146.82.194.224/27 }
rdr proto tcp from any to any port 21 -> 208.178.226.254 port 8021
nat on $int from 10.64.14.0/24 to any -> 208.178.226.254
# Packet Filter pass in all pass out all pass in proto ospf all pass out proto ospf all
Here's the interface config: fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 address: 00:0b:cd:4d:5c:e9 media: Ethernet autoselect (100baseTX full-duplex) status: active inet6 fe80::20b:cdff:fe4d:5ce9%fxp0 prefixlen 64 scopeid 0x1 inet 146.82.194.227 netmask 0xfffffff0 broadcast 146.82.194.239 inet 10.64.14.1 netmask 0xffffff00 broadcast 10.64.14.255 inet 146.82.194.231 netmask 0xfffffff0 broadcast 146.82.194.239 inet6 2001:450:b:0:20b:cdff:fe4d:5ce9 prefixlen 64 inet6 2001:450:b::beef prefixlen 64 inet 10.64.14.40 netmask 0xffffff00 broadcast 10.64.14.255 inet 208.178.226.254 netmask 0xfffffff8 broadcast 208.178.226.255
