tsg12...@gmx.de wrote:
A rule like: pass in on $client_if proto { tcp udp } from $client \ to 127.0.0.1 port ftpdoes not do the trick, I still have to use something like: pass in on $client_if proto { tcp udp } from $client \ to 127.0.0.1 (opening everything up for the ftp data connection myself) Any clue sticks, so I get at least a direction for my search?
You're passing the traffic in, but are you passing it back out? Try enabling logging on your default block rule (you do block by default, right?) and see what's being blocked and where.
-- -RSM http://www.erratic.ca
