DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 1st July 2008
mswall mswall is offline
New User
 
Join Date: Jul 2008
Posts: 2
Thanked 0 Times in 0 Posts
Default ftp-proxy on transparent bridge

I am a relatively inexperienced user. I have used ftp-proxy on a routing firewall and it seems to work quite well. I am trying to get the ftp-proxy working on a transparent bridge firewall but I am not having any luck, which I believe is related to the bridge. I have the following set up running on OpenBSD 4.2 PF

ext_if = rl0
int_if = rl1
The bridge is running on those two NIC's. I have a third NIC, rl2, that has been assigned an ip address. I can SSH to the firewall on that address.

I have the standard rules in the NAT section:

nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr pass on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021

In the rule section, I have:

anchor "ftp-proxy/*"
pass out proto tcp from 127.0.0.1 to any port 21 keep flags S/SA keep state
pass out on ext_if proto tcp from any to any port 21 flags S/SA modulate state

What do I need to change to get this working with the bridge?
Reply With Quote
 

Tags
bridge, ftp-proxy, transparent bridge

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Transparent bridge performance with PF northwoods FreeBSD General 3 30th January 2009 09:48 AM
PPPoE -> ADSL Router (Bridge) - Slow connect? DraconianTimes OpenBSD General 0 31st December 2008 01:07 PM
squid transparent questions toolbox FreeBSD Ports and Packages 0 20th December 2008 04:01 AM
Bridge VLAN + Catalyst espenfjo FreeBSD General 2 6th June 2008 05:16 PM
pf and ftp-proxy clinty OpenBSD Security 5 7th May 2008 10:36 PM


All times are GMT. The time now is 08:12 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick