On Sat, Jan 03, 2004 at 10:04:32AM -0500, stan wrote:
> >
> > http://www.deadly.org/article.php3?sid=20020130012631
> >
> Thanks, taht's a very useful document!
but outdated. Why dont you just start with _the_ reference. The pf faq
has a whole section dedicated to ftp:
http://www.openbsd.org/faq/pf/ftp.html
> I'm working my way throuhg it at the moment, and i have a few questions.
> I want to set up to use active ftp, that's what I think I had with ipf.
yes, ipf handles active ftp in the kernel, which is actullya bad idea,
so pf uses ftp-proxy.
> I added teh entry to /ect/services that it discuses. Then it talks about
> etc.inetd.conf. I found this entry in mine, which was installed by
> default, but commented out, and I had uncomented in an atempt to make
> things work.
>
> 127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy
so, you already had the correct entry, and no need to mess with /etc/services
too.
> So, I comented it back out, and added this:
>
> ftp-proxy stream tcp nowait root /usr/libexec/ftp-proxy \
> ftp-proxy -n -V -D3 -u ftp-proxy -m 55000 -M 57000 -t 300
no need, remove those and put the original entry back in.
> And this is when I started to get puzzled. The next refernce is to a
> /etc/nat.conf file. I thought this file was obsoleted with teh move from
> ifp to pf. Am I wrong? I don't have one, and man nat.conf doesn't show any
> entries for it.
yes, what you are reading is an _old_ document. Please use the pf-faq.
and you will find that the sample pf.conf already have the rules
you need for ftp-proxy there, commented out.
Perhaps you need to give a thought to how things work instead of
blindly following arbitrary instructions? OpenBSD documentation
(FAQ and manual pages) contain everything you need. Just learn to
read and understand them.
