Not sure what you're "answer" is. Yes, tag/tagged is off-tilt and being worked. No, everything with ftp-proxy is fine, it's pilot error in the rule set. Or little from "A" and little from "B."
Shouldn't ftp-proxy set both its control and data channel needs correctly via its anchors. Else-wise if it needs me to do something for it, then isn't tag/tagged the clean why to effect manual rule entries? If so, then why no hits. Which brings us back to doh. /S -----Original Message----- From: Camiel Dobbelaar <[EMAIL PROTECTED]> To: S. Scott Sima, CISA, CISM <[EMAIL PROTECTED]> Subject: Re: openbsd 4.2 + ftp-proxy -T + pf +tag/tagged not working Date: Tue, 11 Dec 2007 10:23:59 +0100 Mailer: Thunderbird 2.0.0.9 (Windows/20071031) The "user proxy" rule should not be hit either, for FTP data connections... Only the FTP control (port 21) connections will be "owned" by user proxy. You always need a rule to allow the proxy to connect out on port 21.