View Single Post
  #1   (View Single Post)  
Old 29th April 2010
Simon Simon is offline
Port Guard
 
Join Date: Jan 2010
Posts: 30
Default FTP issue in pf.conf

Hi,

I want to let users to use ftp protocol.
And authorise users from outside to access our ftp server.
So, i wrote that :

In my rc.conf.local, i added these 2 lines
ftpproxy_flags=""
ftpproxy_flags="-R 172.17.2.21 -p 21 -b 10.10.10.10"
Is it good ? (my ftp server is 172.17.2.21 and Ext_IP : 10.10.10.10"
It is an OpenBSD Gateway (4.6)

In my pf.conf i added :
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr on $int_if proto tcp from any to !$ftpserver port 21 -> 127.0.0.1 \
port 8021
anchor "ftp-proxy/*"
pass in on $int proto tcp from $lan:network to any port 8021
pass in on $ext inet proto tcp to $ext_ip port 21 \
flags S/SA keep state
pass out on $int inet proto tcp to $ftpserver port 21 \
user proxy flags S/SA keep state
anchor "ftp-proxy/*"

Is it good ?
thank's for your reply.
Reply With Quote