I have a multi-ISP router/firewall running 4.2. To make FTP work properly over both gateways, I found and applied the following patch to ftp-proxy (see link below), and it's working great (apparently pftpx is very similar to ftp-proxy). Without this fix, my second ftp-proxy process (for ISP2) allows the incoming data connection but incorrectly tries to respond over the firewall's default gateway (ISP1). This fix adds a "reply-to" argument to the dynamic inbound rule and makes everything work. I believe it also adds "route-to" when using passive FTP. I have an explicit pf route-to rule to handle the initial outbound FTP connection coming from the ftp-proxy.

Is there any chance that this feature could be added to the OpenBSD code? Or is there some other way to properly route FTP over multiple gateways with the existing ftp-proxy? Seems like something that others may find to be useful.

http://cvstrac.pfsense.com/dirview?d=tools/pfPorts/pftpx-routeto/files&;

Thanks,

Bryan
