Either switch to passive ftp, or open your ftp-data port. That should solve some of your problems.
On 10/16/08, Kendall Shaw <[EMAIL PROTECTED]> wrote: > I get no reply when I try to subscribe to the pf mailing list, so I'll > ask here. I'm running OpenBSD 4.3 stable on amd64. I use what is in the > pf faq to allow ftp from my internal lan via nat, which works, but I > can't ftp from the computer that is running pf unless I use ftp -AaE as > I read about in a post on this list I think. And, I am unable to > retrieve or query package or install ports. > > If I simply use ftp without arguments, I can login but I can't list > directories. It hangs after printing 200 EPRT command successful. > > I tried setting FETCH_CMD to '/usr/bin/ftp -AaE' but I still can not use > pkg_add, and I can't use pkg_info. If I try to build a port, it can't > retrieve the files. I would prefer to fix my pf rules. What do I need to > do to allow ftp, package tools and ports to work from the machine > running pf? > > Also, my filtering rules start with "block log all", which I hoped would > log anything that is blocked, but I don't see anything that looks like > ftp being blocked in pflog. If I disable pf, package tools work. Is > there a way to log everything that is blocked? > > Kendall
