I posted a while back about an issue I was having. I have an FTP server on the
DMZ that is a mirror server for some FOS projects.
I want this traffic set to low priority, and limited to a certain rate. I
enabled the penalty IP in the traffic shaping wizard. This worked fine so long
as the other end was using active (PORT) ftp. When the remote user was using
passive FTP the traffic was not showing up in the penalty ip queue, and was not
being limited.
I found that if I turn ON "Disable the userland FTP-Proxy application" for the
DMZ then the traffic is properly traffic shaped. This might mess up some FTP
from the DMZ out, but this is easy enough to work around.
Presumably, with the userland FTP-Proxy turned on the connection was going to
the pfsense box, and then to the real FTP server, and this is why the traffic
was not properly shaped.
So I thought I would post this for anyone with the same issue.
--
Joe Laffey | Visual Effects for Film and Video
LAFFEY Computer Imaging | -------------------------------------
St. Louis, MO | Show Reel http://LAFFEY.tv/?e12208
USA | -------------------------------------
. | -*- Digital Fusion Plugins -*-
--------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
