View Single Post
  #6   (View Single Post)  
Old 24th August 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

I tried once, but I haven't found a way to trick ftp-proxy to run on a single interface.

You could add the ftp rules to a pf anchor and disable them when you don't need ftp. Remember that the ports use ftp

Another option could be to store the allowed ftp sites in a table and make the ftp rules only applicable to these sites. But if you add software by using the FBSD ports mechanism, this becomes very difficult.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote