ftp-proxy on jails on lo1

Christer Solskogen christer.solskogen at gmail.com
Sun Mar 14 08:40:55 UTC 2010


I've been setting up my jails on a cloned interface called lo1
(127.0.1.0/24) - and it seems the jails are having a bit of a problem using
ftp in passive mode even when I think I've set things up correctly.
The only jail that is not on lo1 (192.168.0.4) is not having any
issues connecting to an ftp server.

pf.conf::
int_if="em0"
jif="lo1"
db1="127.0.1.1"
web="127.0.1.2"
proxy="127.0.1.3"
imap="127.0.1.6"
tomcat="127.0.1.8"
ns="192.168.0.4"
postgres="127.0.1.9"

nat on $int_if from $jif:network to any -> ($int_if)

nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr pass proto tcp from any to any port 21 -> 127.0.0.1 port 8021

#redirects to jails

rdr pass on $int_if proto tcp from any to any port 8180 -> $tomcat
rdr pass on { $int_if, lo0 } proto tcp from any to any port { 80, 443, 993 } -> $proxy
rdr pass on $int_if proto { tcp, udp } from any to ($int_if) port domain -> $ns
rdr pass on $int_if proto tcp from any to ($int_if) port 5432 -> $postgres

anchor "ftp-proxy/*"
pass all keep state


and ftp-proxy is really running:

shine# sockstat -4 | grep ftp
proxy    ftp-proxy  94980 3  tcp4   127.0.0.1:8021        *:*

Any clues?



-- 
chs,

