proxies
Dmitry Andrianov
dimas at dataart.com
Sat Jul 8 08:35:00 UTC 2006
Hello.
On Linux there are conntrack "modules" for many protocols available
which:
1. identify related connections and let them go through firewall (like
FTP data is related to FTP control)
2. Let things work through NAT - translate addresses in the FTP control
connections, identify different PPTP connections even if they go to the
same endpoint etc
So the question is: does pf have anything similar? I'm most interested
in FTP, RPC and establishing multiple PPTP connections through NAT to
the same endpoint.
Currently I use ftpsesame for FTP - it does its job great but it is FTP
specific solution obviously, RPC would requirs another application
listening for traffic (bpf) and changing firewall. Is there a more clean
way?
Regards,
Dmitry Andrianov
More information about the freebsd-pf
mailing list