DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Installation and Upgrading

OpenBSD Installation and Upgrading Installing and upgrading OpenBSD.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 15th February 2012
kbeaucha kbeaucha is offline
Port Guard
 
Join Date: May 2008
Posts: 36
Default ftp proxy and pf.conf rules (From The Book of PF, 2nd Ed)

I am updating my primary firewall to 5.0 and taking the opportunity to clean up my ruleset a little at the same time.

I am using The Book of PF 2nd Edition as a guide to setting up the ftp proxy.

The book says I'll only need three things in my pf.conf to make the proxy work (after enabling ftpproxy_flags in rc.conf.local):

The anchor line - anchor "ftp-proxy/*"
A pass in rule - pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021
A pass out rule - pass out proto tcp from $proxy to any port ftp

I originally had more restrictive pass rules in place, but pfctl wouldn't load the ruleset because it said the "proxy" macro wasn't defined so I entered the lines as written but get the same warning.

Am I supposed to substitute something for $proxy in my rules, or is that pass-out implicit in the proxy?

Thanks
kmb
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The Book of PF anomie Book reviews 8 19th December 2012 03:10 PM
Address book fossala Programming 6 5th July 2011 05:26 PM
Rules for the Book reviews forum. Carpetsmoker Book reviews 0 1st October 2008 06:15 PM
difference between rc.conf and loader.conf disappearedng FreeBSD General 5 3rd September 2008 05:54 AM
Book reviews? ocicat Feedback and Suggestions 8 2nd May 2008 04:34 AM


All times are GMT. The time now is 12:24 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick