jggimi, 25th November 2008

Without more information, any answer is a guess. We aren't mind readers.

Let us pretend that you wish to use an FTP server on your local LAN, and currently have the following configuration:
/etc/pf.conf:
Code:
.
.
.
nat-anchor "ftp-proxy/*"
.
.
.
rdr-anchor "ftp-proxy/*"
rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
.
.
anchor "ftp-proxy/*"
.
.
/etc/rc.conf.local:
Code:
.
.
.
ftpproxy_flags=""
.
.
The easiest way to add an FTP server on the local network is to add a second instance of ftp-proxy, using a different port number.

You cannot add a second instance through /etc/rc.conf or /etc/rc.conf.local, as these just set variables for /etc/rc. Add the second instance in /etc/rc.local, instead.

Your first instance (set up via /etc/rc.conf.local) listens, by default, to the loopback interface port 8021.

The instance you script in /etc/rc.local will listen on port 21, and route the output to the appropriate FTP server on your LAN.

Here's an example (in /etc/rc.local) that listens on an external interface on the 192 network and routes traffic to the server on the 10 network:
Code:
.
.
.
ftp-proxy -R 10.10.10.1 -p 21 -b 192.168.0.1
.
.
I leave the pf.conf changes to you.

Last edited by jggimi; 25th November 2008 at 04:09 PM. Reason: clarification
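
An added example, not part of jggimi's post: a sketch of the filter rules the reverse-mode instance above would need, following the pattern documented in ftp-proxy(8). The macro and interface names are assumptions; the addresses are the ones used in the post.

```conf
# Added example; macro and interface names are assumptions.
ext_if = "fxp0"          # hypothetical interface holding 192.168.0.1
int_if = "fxp1"          # hypothetical interface facing the 10 network
ext_ip = "192.168.0.1"   # address given to ftp-proxy -b
ftp_ip = "10.10.10.1"    # server given to ftp-proxy -R

# The existing nat-anchor / rdr-anchor / anchor "ftp-proxy/*" lines stay in
# place; the proxy loads its per-session data-connection rules there.

# Control connections arriving at the proxy's listening address only.
pass in on $ext_if inet proto tcp to $ext_ip port 21

# Only the proxy's own user may open the control connection to the server,
# so nothing else on the firewall can reach the FTP server on port 21.
pass out on $int_if inet proto tcp to $ftp_ip port 21 user proxy
```

After editing, `pfctl -nf /etc/pf.conf` parses the file without loading it, which catches syntax errors before the ruleset is replaced.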