View Single Post
  #4   (View Single Post)  
Old 23rd October 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

RE: starting ftp-proxy and passing -v option to

You can enable ftp-proxy in /etc/rc.conf.local by adding
Code:
ftpproxyflags="-v -D7"
RE: your logging rule

Depending on what exactly you want to log, you many not need to make a rule with logging. ftp-proxy dynamically attaches rules to the NAT and RDR anchors.
Please refer to http://www.openbsd.dk/faq/pf/ftp.html#natserver for an example.
See http://www.openbsd.dk/faq/pf/anchors.html for more info about anchors.

RE: table defined logging

I don't think you can do that with the pre-fabricated rules that ftp-proxy attaches to the anchors.

Because of a house move my network lab is still unpacked in the garage, else I would try to figure it out for you
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote