DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 29th April 2010
Simon Simon is offline
Port Guard
 
Join Date: Jan 2010
Posts: 30
Default FTP issue in pf.conf

Hi,

I want to let users to use ftp protocol.
And authorise users from outside to access our ftp server.
So, i wrote that :

In my rc.conf.local, i added these 2 lines
ftpproxy_flags=""
ftpproxy_flags="-R 172.17.2.21 -p 21 -b 10.10.10.10"
Is it good ? (my ftp server is 172.17.2.21 and Ext_IP : 10.10.10.10"
It is an OpenBSD Gateway (4.6)

In my pf.conf i added :
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr on $int_if proto tcp from any to !$ftpserver port 21 -> 127.0.0.1 \
port 8021
anchor "ftp-proxy/*"
pass in on $int proto tcp from $lan:network to any port 8021
pass in on $ext inet proto tcp to $ext_ip port 21 \
flags S/SA keep state
pass out on $int inet proto tcp to $ftpserver port 21 \
user proxy flags S/SA keep state
anchor "ftp-proxy/*"

Is it good ?
thank's for your reply.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
pf.conf Examples Oko OpenBSD Security 23 25th November 2012 03:22 PM
pf.conf / Which interface ? xinform3n OpenBSD Security 3 8th March 2010 06:23 PM
Pf.conf erict35 OpenBSD Security 1 30th January 2010 10:19 PM
pf.conf lumiwa FreeBSD Security 11 20th September 2008 01:01 AM
difference between rc.conf and loader.conf disappearedng FreeBSD General 5 3rd September 2008 05:54 AM


All times are GMT. The time now is 11:43 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick