24th December 2011
mikygee

Hello,

Thank you for pointing out the right direction. I will no longer try to search towards ftp-proxy.

I have written these two rules
PHP Code:
pass out quick on $int_if inet proto tcp from $int_add to any port 21
pass out log quick on $int_if inet proto tcp from $int_add to any port 1024:65535
as you advised me, and it works. But I didn't want to do this in the first place because I want to filter things tightly.

I have read the FAQ about anchors but I don't get how to use them.
I think it starts like this.
PHP Code:
anchor "myftp" pass out quick on $int_if inet proto tcp from $int_add to any port 21 
The desired effect is: if a connection for a specific host is opened on port 21, then create a dynamic rule to open ports > 1024 for that host.

Do you know how to do this?