Hi list, I'm trying to get outgoing FTP sessions to work with pf and ftp/ftp-proxy in a NAT environment.
My simple config on a test machine looks like this:
------------------------------------------------------------------
int_if = "rl0"
localnet = "192.168.0.0/24"
tcp_services = "{ ssh, domain, www, https, ftp }"
udp_services = "{ domain }"
nat on $int_if from $localnet to any -> ($int_if)
rdr pass proto tcp from any to any port ftp -> 127.0.0.1 port 8021
block all
pass from $localnet to any keep state
pass proto udp to any port $udp_services keep state
pass out proto tcp to any port $tcp_services keep state
pass in proto tcp from any to any user proxy keep state
pass in proto tcp from any to any port ssh keep state
------------------------------------------------------------------
FTP login works fine. But if I want to do a "ls" on the FTP server I get
the following error on the client (no matter if NAT client or gateway):
425 Failed to establish connection.
Any idea whats wrong with my setup?
Thanks,
Matthias
signature.asc
Description: OpenPGP digital signature
