Hello,

I like the 3.9 ftp-proxy so much I'm thinking "wouldn't it be nice if, in addition to the clients inside my LAN, ftp connections from this very OpenBSD machine went through it also".

Is this just a silly idea? Is this possible, trivial, tricky? Done before?

I found nada on Google but a FreeBSD post attempting something similar, which suggested that as the initial packet never goes "in" to the ext_if, the obvious rdr won't work. Instead it is necessary to snag it with a 'pass out' rule and use 'route-to' to pipe it back through localhost. Using this technique I can get tcpdump to prove these packets hit the lo0 (although with their initial addresses)...

    pass out quick route-to (lo0 127.0.0.1) proto tcp from any to any port 21

Great, that was 6 hours. Now to push them through the proxy, I'm expecting an rdr similar to the textbook example will lead me home. No luck so far...

    rdr pass on lo0 proto tcp from any to any port 21 -> 127.0.0.1 port 8021

... just doesn't seem to catch them. I'm expecting ftp-proxy on full debug would have something to say if it was getting them.

The last step would presumably be a 'pass out' for anything ftp from user proxy.

I'm betting that some bright spark/anal geek has tried this before, and perhaps hope that they can throw me a bone. Otherwise, am I just wasting everyone's time and should follow the tried and true path like a good sheep?

Thanks,
John.