Re: ftp-proxy under 3.0 question

[Chris Hedemark <chris@yonderway.com>]

On Friday 01 February 2002 04:01 am, you wrote:

> I am not trying to create a flame or noise for my problem on ftp-proxy
> under openbsd 3.0 pf environment.  First of all, I had checked all the
> email concerning the ftp-proxy anf follow the steps to try to solve
> without any success.  The steps are such as
>  1. 8081 .... /sr/libexec/ftp-proxy ftp-proxy  in inetd.conf
>  2. pass in ... port > 49151 ... in pf.conf

Clarence, I sent you all of the relevant changes in a private message, but I 
noticed you don't have anything in here about your nat configuration.  You 
need to use nat.conf to redirect outbound ftp traffic through ftp-proxy.

Also I added " -n" to the end of the line in /etc/inetd.conf referencing 
ftp-proxy.

> However, one of the email saying the newer version of ftp-proxy that is
> sup cvs will solve the ftp-proxy problem.  

I'm running from the CD ROM version and it is working fine so far.  I've 
downloaded several gigs through this configuration and its working great.

> Please send me your
> pf.conf, nat.conf and the procedure to me (c5666305@hkstar.com) in private
> email as I do not want to make any noise in misc@openbsd.org concerning
> ftp-proxy problem. Thanks.

Oh I don't think this is noise.  This is great stuff.  It needs to get into 
the archives as well as the faq.  Simply posting the solution here will get 
it into the archive.  I'm hoping it gets into the FAQ as well.

I'm also hoping to write an article, maybe for the OpenBSD Journal, on how to 
build a firewall box from the ground up for a cable modem or DSL user, 
including DHCP client on the external adapter, DHCP server for internal 
adapter, DNS server, squid, pf, NAT, ftp-proxy, etc.  I'll post a link 
here and on announce@ whenever I have a chance to write that.