I get no reply when I try to subscribe to the pf mailing list, so I'll ask here. I'm running OpenBSD 4.3 stable on amd64. I use what is in the pf faq to allow ftp from my internal lan via nat, which works, but I can't ftp from the computer that is running pf unless I use ftp -AaE as I read about in a post on this list I think. And, I am unable to retrieve or query package or install ports.
If I simply use ftp without arguments, I can login but I can't list directories. It hangs after printing 200 EPRT command successful. I tried setting FETCH_CMD to '/usr/bin/ftp -AaE' but I still can not use pkg_add, and I can't use pkg_info. If I try to build a port, it can't retrieve the files. I would prefer to fix my pf rules. What do I need to do to allow ftp, package tools and ports to work from the machine running pf? Also, my filtering rules start with "block log all", which I hoped would log anything that is blocked, but I don't see anything that looks like ftp being blocked in pflog. If I disable pf, package tools work. Is there a way to log everything that is blocked? Kendall
