Hi.

I set up a firewall with OpenBSD and pf. I activated ftp-proxy in inetd.conf as follows:

127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy

My pf rules regarding the ftp-proxy look like this:

rdr pass on sis0 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021

pass in on tun0 proto tcp from any to (tun0) port > 49151 user = 71 keep state

When I try to ftp, everything works fine. But when I try to connect to a host which is running proftpd with TLS activated, ftp-proxy cuts off when TLS begins to work (IIRC after submitting the username the engine starts).

/var/log/daemon has this in it:

Aug 18 23:47:46 losraidonos ftp-proxy[15467]: accepted connection from XXX.XXX.XXX.XXX:34817 to XXX.XXX.XXX.XXX:21
Aug 18 23:47:51 losraidonos ftp-proxy[15467]: got NUL byte from client - bye!

I tested this with a Linux client from the internal net, which is capable of FTPS. Is ftp-proxy capable of this too? Do I need any options in inetd to start ftp-proxy with? I looked through the man page, but didn't find anything. I know from squid that it just lets the traffic through without touching it if it recognizes an encrypted link (SSL for instance).

TIA,
marc
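As an added illustration (not ftp-proxy's own code, and not from the original post), here is a small Python model of what a line-oriented FTP control-channel proxy can and cannot do: it parses cleartext PORT commands to learn the data-channel endpoint it must let through, but once the client has sent AUTH TLS the following bytes are a TLS handshake, which contains NUL bytes that a text FTP parser has to reject. The session bytes, host names and the class name are constructed for the example.

```python
import re
from typing import List, Optional, Tuple

# Cleartext active-mode command: PORT h1,h2,h3,h4,p1,p2 (port = p1*256 + p2)
PORT_RE = re.compile(rb"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r?\n?$", re.I)


class ControlInspector:
    """Toy model of a line-oriented FTP control-channel proxy (hypothetical)."""

    def __init__(self) -> None:
        self.tls_requested = False
        self.data_endpoints: List[Tuple[str, int]] = []
        self.closed_reason: Optional[str] = None

    def feed_client(self, chunk: bytes) -> str:
        """Inspect one client-to-server chunk and report what the proxy concluded."""
        if self.closed_reason:
            return "closed"
        # A cleartext FTP command line never contains NUL; a TLS record does,
        # so the proxy cannot follow the control channel any further.
        if b"\x00" in chunk:
            self.closed_reason = "got NUL byte from client"
            return "closed"
        m = PORT_RE.match(chunk)
        if m:
            h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
            # This is the endpoint the proxy must open the data connection for.
            self.data_endpoints.append((f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2))
            return "port"
        if chunk.upper().startswith(b"AUTH TLS"):
            # After the server agrees, every later byte on this socket is opaque.
            self.tls_requested = True
            return "auth-tls"
        return "command"


def run_session(chunks: List[bytes]) -> Tuple[List[str], ControlInspector]:
    """Feed a whole client transcript through one inspector."""
    insp = ControlInspector()
    return [insp.feed_client(c) for c in chunks], insp


# Constructed sample session: plain FTP commands, then explicit FTPS negotiation.
SAMPLE_SESSION = [
    b"USER marc\r\n",
    b"PORT 10,0,0,5,195,81\r\n",
    b"AUTH TLS\r\n",
    # Constructed leading bytes of a TLS ClientHello record (note the NUL bytes).
    b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03",
]
```

Running `run_session(SAMPLE_SESSION)` shows the proxy handling USER and PORT normally, noting AUTH TLS, and then closing on the first TLS record, which mirrors the "got NUL byte from client" log line above.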
