Hello All:

We are running the following:

- FreeBSD 6.3 Release #1
- PF
- pftpx for our ftp proxy

We have several ftp servers of different flavors behind the PF firewalls and we
are getting a lot of the following when users are trying to connect using
passive mode.
"Server sent passive reply with unroutable address"
We're running pftpx as a daemon with no specific flags. From a ps:
proxy 4845 0.0 0.0 1452 1100 ?? Is 27Sep08 0:02.13 /usr/local/sbin/pftpx
Here is a sample of the rules we are using to allow traffic and to proxy. The
server macros are defined and working correctly. Any help would be greatly
appreciated.
nat-anchor "pftpx/*"
rdr-anchor "pftpx/*"
rdr on ! $vlan10_if proto { udp tcp } from any to $f1_cps01_ext0 port { 80 443 2087 2083 ftp 49152:65535 } -> $f1_cps01_int0 sticky-address
rdr on ! $vlan10_if proto { udp tcp } from any to $f1_cps01_ext1 port { 80 443 ftp 49152:65535 } -> $f1_cps01_int1 sticky-address
--
Michael K. Smith - CISSP, GISP
Chief Technical Officer - Adhost Internet LLC
[EMAIL PROTECTED]
w: +1 (206) 404-9500 f: +1 (206) 404-9050
PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)
