|
OpenBSD Installation and Upgrading Installing and upgrading OpenBSD. |
|
Thread Tools | Display Modes |
|
|||
ftp proxy and pf.conf rules (From The Book of PF, 2nd Ed)
I am updating my primary firewall to 5.0 and taking the opportunity to clean up my ruleset a little at the same time.
I am using The Book of PF 2nd Edition as a guide to setting up the ftp proxy. The book says I'll only need three things in my pf.conf to make the proxy work (after enabling ftpproxy_flags in rc.conf.local): The anchor line - anchor "ftp-proxy/*" A pass in rule - pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021 A pass out rule - pass out proto tcp from $proxy to any port ftp I originally had more restrictive pass rules in place, but pfctl wouldn't load the ruleset because it said the "proxy" macro wasn't defined so I entered the lines as written but get the same warning. Am I supposed to substitute something for $proxy in my rules, or is that pass-out implicit in the proxy? Thanks kmb |
|
||||
You have missed a critical document, the OpenBSD Upgrade Guide 5.0. I'm going to quote from it:
Quote:
|
|
|||
Thanks for that.
I've updated my ruleset to use divert-to and specify inet, so there don't seem to be any errors there. I'm still not sure about that pass out rule - I'll be rereading the ftp and ftp-proxy man pages and doing some more testing. Postscript: The link to the upgrade guides is very appreciated. I don't know if I had ever seen them before. kmb |
|
||||
Quote:
With 4.4, the sysmerge(8) command became available, allowing automatic or semi-automatic updates to files in /etc and /var during upgrades. Prior to 4.4, such as with 4.3, sysutils/mergemaster was available. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
The Book of PF | anomie | Book reviews | 8 | 19th December 2012 03:10 PM |
Address book | fossala | Programming | 6 | 5th July 2011 05:26 PM |
Rules for the Book reviews forum. | Carpetsmoker | Book reviews | 0 | 1st October 2008 06:15 PM |
difference between rc.conf and loader.conf | disappearedng | FreeBSD General | 5 | 3rd September 2008 05:54 AM |
Book reviews? | ocicat | Feedback and Suggestions | 8 | 2nd May 2008 04:34 AM |