Hello! I managed to get ftp through PF working either without ftp-proxy ...
match in inet proto tcp from any to $external port = ftp rdr-to $internal port 21 match in inet proto tcp from any port = ftp-data to $external port 1024:65535 rdr-to $internal port 1024:65535 match in inet proto tcp from any to $external port = ftp-data rdr-to $internal port 20 or with ftp-proxy... pass in quick on vlan5 inet proto tcp from any to $external port ftp divert-to 127.0.0.1 port 8021 /etc/rc.local: /usr/sbin/ftp-proxy -p 8021 -R $internal -P 21 -D7 -v I asked question is it possible to use multiple intances of ftp-proxy and it turned out that several people are running reverse ftp-proxy in production. so... can anybody help me to choose between two above options ? with ftp-proxy or without ftp-proxy ? Cheers, Ilya Shipitsin
