Mam nastepujacy problem
Postawilem openBSD 3.5 z prosta konfiguracja
Blokuje wszystko co wchodzi
Mam problem z polaczeniem do serwera ftp
Po skonfigurowaniu pf i uruchomieniu ftp-proxy problem znikl i moglem sie
podlaczyc do ftp w trybie passive.
Niestety musze polaczyc sie z pewnym ftp z ktorego kozysta aplikacja i tu
juz jest problem.
Open wyzuca blad:
Jun 9 15:23:56 tygrysek ftp-proxy[16081]: connect() failed (No route to
host)
A klient ftp pokazuje mi adres z przecinkami !!! a nie z kropkami.
Niewiem juz o co chodzi poradzcie.
Przesylam konfiguracje pf i inetd
##### pf
Net="xl0"
Lan="xl1"
Informatycy="{ 172.17.70.7 }"
LetHere="{ 22 }"
moj=217.153.216.22
#table <spamd> persist
#table <spamd-white> persist
scrub in all
nat on xl0 from 172.17.70.0/24 to any -> 217.153.216.22
#######################FTP
#rdr on $Lan proto tcp from any to any port 21 -> 127.0.0.1 port 8021
rdr on $Lan proto tcp from 172.17.70.7 to 172.17.70.250 port 21 ->
195.205.71.20 port 21
#pass out on $Net proto tcp from 217.153.216.22 port { 55000 >< 55050 } to
any port 21 keep state
#pass out on $Net proto tcp from 217.153.216.22 port { 55000 >< 55050 } to
any port > 1024 keep state
#pass in on $Lan proto tcp from 172.17.70.0/24 port > 1024 to 217.153.216.22
port { 55000 >< 55050 } keep state
#pass in on $Lan proto tcp from 172.17.70.0/24 port > 1024 to 127.0.0.1 port
8021 keep state
#rdr pass on $ext_if proto tcp from <spamd> to port smtp \
# -> 127.0.0.1 port spamd
#rdr pass on $ext_if proto tcp from !<spamd-white> to port smtp \
# -> 127.0.0.1 port spamd
block in on $Net all
block in on $Net proto icmp all
block in on $Net proto { tcp, udp, icmp } from any to 217.153.216.22
block in on $Lan proto { tcp, udp } from 172.17.70.0/24 to 172.17.70.250/32
pass in on $Lan proto { tcp, udp } from $Informatycy to 172.17.70.250 port
$LetHere
pass out on $Net inet proto { udp, icmp } all keep state
pass out on $Net inet proto tcp all flags S/SA keep state
### inetd
127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy
ftp-proxy
reszta bez zmian