On Jun 3, 2010, at 11:26 PM, Teemu Rinta-aho wrote: > I call it a day. Or maybe not.
Case closed. I found out that even though I followed the instructions and inserted the required lines to my pf.conf as per ftp-proxy man page, they were in a wrong place. Now when _both_ the anchor and the ftp port redirection rule are the first rules in the ruleset, everything works as expected. The error came when I upgraded from 4.6 and the nat-anchor and rdr-anchor were removed but I didn't move the ftp-proxy anchor before other nat rules. I think the ftp-proxy man page could hint something like "insert these lines into pf.conf before any other translation rules". It could help people like me. Or hopefully they just find this thread with Google. Thanks for your patience and thanks for the pf. Teemu
