2009/5/17 Patrick Lamaizière <patf...@davenulle.org>: > Le Sun, 17 May 2009 16:16:51 -0400, > alexus <ale...@gmail.com>: > >> i dont see how things are obvious for you as they not so obvious for >> me. first of all my ipf default policy to allow everything. >> >> so the original question is for ipnat and not for ipf >> >> now for non-passive (active) i put in these rules >> >> rdr bce0 0/0 port ftp-data -> lama port ftp-data tcp >> rdr bce0 0/0 port ftp -> lama port ftp tcp >> >> and for pasv i still dont know what to do >> >> i've tried >> >> rdr bce0 0/0 port 49152-65534 -> lama port 65534 >> >> and in my ftp i said that this is range for pasv connections > > I don't think there is a way to redirect a ports ranges to a ports > range with ipnat. For my ftp server I redirect each port (I use 30000 > to 30039 for FTP) with a rule: > rdr vr0 0.0.0.0/0 port 21 -> 192.168.1.4 port 21 > rdr vr0 0.0.0.0/0 port 30000 -> 192.168.1.4 port 30000 > rdr vr0 0.0.0.0/0 port 30001 -> 192.168.1.4 port 30001 > ... > rdr vr0 0.0.0.0/0 port 30038 -> 192.168.1.4 port 30038 > rdr vr0 0.0.0.0/0 port 30039 -> 192.168.1.4 port 30039 > > For ipnat see > http://www.westworks.ch/~chris/netbsd/NetBSD-NAT-FTP-server.html > > Regards. >
i've spoke with Chris, he suggest i use rdr bce0 0/0 port 49152-65534 -> lama port 49152 tcp or use openbsd's pf with rdr on bce0 proto tcp from any to any port 49152:65534 -> lama port 49152:* for now and i'm still testing, i was able to get where i want with rdr bce0 0/0 -> lama proxy port ftp ftp/tcp so far seems to be working... if not i'll try chris suggestion -- http://alexus.org/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"