Passive FTP Issues
Michael K. Smith
mksmith at adhost.com
Sun Oct 12 02:02:34 UTC 2008
Hello All:
We are having issues with a "standard" configuration and getting passive ftp
to work. Here are our present rules related to one server $liv_ftp_int/ext:
nat on $vlan2_if from $liv_ftp_int to any -> $liv_ftp_ext
rdr pass on ! $vlan924_if proto tcp from any to $liv_ftp_ext port { ftp, 990, 49152:65535 } -> $liv_ftp_int
pass in quick on $vlan2_if proto tcp from any to <ftp_servers> port { ftp, 49152:65535 } keep state flags S/SA
When we put a "block in log on $vlan2_if" rule before everything else, ftp
breaks. When we move the block rule to the end of the pass rules, it works
like a champ.
Am I missing something obvious? Any help would be greatly appreciated.
This is 6.3 Release 1.
Regards,
Mike
More information about the freebsd-pf
mailing list