SEO

Hello every one ...

I've install OpenBSD 3,5 as a replacemnent for Cisco router

But I've problem with ftp client connection from inside.
I've done everything what i s in ftp faq - > ftp-proxy and pf configuration
Now I can connect to any ftp server in passive mode, except one server


Thats what happening..., open is sending may Lan adress but it should sent
my outside adress
"
227 Entering Passive Mode (195,205,71,20,39,22).
PORT 172,17,70,7,18,143
500 Illegal PORT command
"
/var/log/messages
"
Jun 9 15:23:56 tygrysek ftp-proxy[16081]: connect() failed (No route to
host)
"
But I can connect to this server from Open console

I don't now what to do with this. I'm sending my pf and inetd

##### pf
Net="xl0"
Lan="xl1"
Informatycy="{ 172.17.70.7 }"
LetHere="{ 22 }"
myadress=...
#table <spamd> persist
#table <spamd-white> persist

scrub in all

nat on xl0 from 172.17.70.0/24 to any -> $myadress
#######################FTP
rdr on $Lan proto tcp from any to any port 21 -> 127.0.0.1 port 8021

#With this is still not working
#pass out on $Net proto tcp from $myadress port { 55000 >< 55050 } to
any port 21 keep state
#pass out on $Net proto tcp from $myadress port { 55000 >< 55050 } to
any port > 1024 keep state
#pass in on $Lan proto tcp from 172.17.70.0/24 port > 1024 to $myadress
port { 55000 >< 55050 } keep state
#pass in on $Lan proto tcp from 172.17.70.0/24 port > 1024 to 127.0.0.1 port
8021 keep state
#rdr pass on $ext_if proto tcp from <spamd> to port smtp \
# -> 127.0.0.1 port spamd
#rdr pass on $ext_if proto tcp from !<spamd-white> to port smtp \
# -> 127.0.0.1 port spamd

block in on $Net all
block in on $Net proto icmp all

block in on $Net proto { tcp, udp, icmp } from any to $myadress
block in on $Lan proto { tcp, udp } from 172.17.70.0/24 to 172.17.70.250/32

pass in on $Lan proto { tcp, udp } from $Informatycy to 172.17.70.250 port
$LetHere

pass out on $Net inet proto { udp, icmp } all keep state
pass out on $Net inet proto tcp all flags S/SA keep state


### inetd
127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy
ftp-proxy
....no more changes

Please help... I must connect to this ftp nearly everyday

Morty...