> If you have a little bit more complex setup, I found that FTP Sesame > (google ftpsesame) worked a charm. ftp-proxy wasn't able to handle two > way active and passive connections in my setup but ftpsesame has been > going great guns. Handles several hundred inbound and several thousand > outbound ftp connections a day.
Is this working the same way proxy does? Redirecting ftp connection to localhost where ftp-proxy is running? > > > rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1:8021 > > 127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy > > ftp-proxy -n > > pass in on $ext_if inet proto tcp from any to $ext_if \ > > user proxy keep state I notcied that with the above rules internal clients can do pasive ftp fine, but active ftp wont work, pf drops the packets from the remote host from port 20 to a high port here. I dont know quickly how to remedy this, any hints? Bye, Mipam.
