Hi all I'm writing the pf rules.. Now I'm stucking with the ftp rules..
my client need to use ftp from private net to dmz (192.168.1.0/24 to 192.168.202.0/24) and my dmz need to ftp to public net on both Passive and Active mode.. After test the pf rules.. the active connection worked fine with using ftp-proxy.. But the passive connection is failed my private net always failed to list the file on ftp server on dmz.. (also public net) I've read from many article and found that they let me choose to use one of passive or active mode.. but not both.. So how can I handle on both connection (acvtive and passive..)?? Thanks.. My rules: ######################################################## # macros net_if = "em0" inh_if = "em1" stg_if = "em2
