Solved (was: Re: pf rdr (for ftp-proxy) problem)
Joerg Sonnenberger
joerg at britannica.bec.de
Wed May 11 04:30:10 PDT 2005
On Wed, May 11, 2005 at 01:47:27PM +0300, Yiorgos Adamopoulos wrote:
> Regarding pf's problems with ftp-proxy and rdr:
>
> The default /etc/pf.conf suggests:
>
> rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
>
> which does not work (at least for me). Instead using:
>
> rdr pass on $int_if proto tcp to port ftp -> int_if_ip_adress port 8021
>
> works fine!
That's what Simon suggested earlier. We trigger an internal consistence
check somewhere in if_loop, which drops the packets.
Joerg
More information about the Bugs
mailing list