On 7/20/05, Josh Tolley <[EMAIL PROTECTED]> wrote: > So I have an FTP server behind a pf firewall running generic 3.6, and > am trying to run ftp-proxy in reverse mode. Active transfers work, but > passive ones don't. <snip> > So I found out about the -S option, which I understand is supposed to > change the 127,0,0,1 in the 227 response above to xxx.xxx.xxx.xxx. So > I added that to inetd.conf, HUP'd inetd, and got exactly the same > response. Any suggestions?
Not to reply to my own post, but since I didn't get any other replies, I dove into the code. I'd like to know what the -S option is really supposed to do, 'cause I think I've misunderstood it. I added the following change just after drop_privs() 1108a1109,1111 > if ((src_addr.s_addr != 0) && ReverseMode) > proxy_sa.sin_addr = src_addr; > I've no idea if the change would be good for "general purpose" use, but it seems to work for me. Now, I get the proper response to the PASV command -- the server IP transmitted to PASV is the one I passed to the -S parameter. -Josh Tolley