On Sat, 16 Jul 2005, Michael Weiser wrote:
> Unfortunately this only catches connections coming in via the internal
> interface bound for the internet. FTP connections originating on the
> machine itself don't work. They never get redirected but leave directly
> via the external interface. So pftpx doesn't see them to add the proper
> firewall rules. Consequently the return connections for active ftp and
> high port data connections for passive ftp bounce at the firewall.
>
> Is there a workaround or proper solution for this (possibly including a
> rant about my braindamage ;) ?

Nope, there is no way to rdr connections originating on the local box, hence no way for pftpx to get involved. Why are you doing ftp from the firewall anyway? ;-)

Seriously, my other ftp proxy ftpsesame does handle this situation but might be racy with connections from the local box. See http://www.sentia.org/projects/ftpsesame

--
Cam
