Subject: new FTP proxy
To: None <>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 02/28/2006 12:01:06
NetBSD comes with ftp-proxy, an FTP proxy designed for use with pf, to
try to make FTP work through NAT (to the extent that it can).  This
proxy was not suitable for my needs; I needed a proxy that better
handled the case of multiple world-facing addresses.

So I wrote one.  I'm told modern OpenBSD has a new ftp-proxy that, from
the brief description I heard, sounds somewhat similar to mine; for
various reasons, it looked as though it would be less pain to build my
own than try to lift OpenBSD's.

I'm mentioning it here in case anyone would like to pick mine up,
either to use or to roll back into some distribution.  Mine is thought
to handle all four styles of data connection (PORT, PASV, EPRT, EPSV)
correctly, though I've not been able to test them all as thoroughly as
I'd like.  I did cheat in one respect: when I looked at adding rdr
rules programmatically, I found no documentation, and the existing code
was convoluted enough that sussing out how to use the API from it
seemed Hard.  So I just fork pfctl and feed it the rules in text form. for them as wants.
You'll probably want lcs-cvt as well, since the code uses its
facilities; see /mouseware/, the README and PACKAGES files in
particular, for where to find that.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
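
Added example, not part of der Mouse's message and not code from his proxy: a small C parser for the four data-connection announcements the message names. PORT and EPRT are client commands; for PASV and EPSV the endpoint arrives in the server's 227 and 229 replies (RFC 959, RFC 2428). The names ftp_ep, parse_hp, parse_ext and ftp_parse are this example's own, and it assumes a 227 reply puts its address in parentheses.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <arpa/inet.h>

/* Announced data endpoint; host stays empty for 229 (EPSV), which names only a port. */
struct ftp_ep { int af; char host[INET6_ADDRSTRLEN]; unsigned port; };

/* "h1,h2,h3,h4,p1,p2": PORT argument and 227 reply body (RFC 959). */
static int parse_hp(const char *s, struct ftp_ep *ep)
{
    unsigned v[6]; int i, n = 0;
    if (sscanf(s, "%3u,%3u,%3u,%3u,%3u,%3u%n",
               &v[0], &v[1], &v[2], &v[3], &v[4], &v[5], &n) != 6) return -1;
    if (s[n] >= '0' && s[n] <= '9') return -1;   /* over-long last field */
    for (i = 0; i < 6; i++) if (v[i] > 255) return -1;
    ep->af = AF_INET;
    snprintf(ep->host, sizeof ep->host, "%u.%u.%u.%u", v[0], v[1], v[2], v[3]);
    ep->port = v[4] * 256 + v[5];
    return ep->port ? 0 : -1;
}

/* "<d>af<d>addr<d>port<d>" (RFC 2428); a 229 reply leaves af and addr empty. */
static int parse_ext(const char *s, int want_addr, struct ftp_ep *ep)
{
    const char *a, *p; char d = s[0], *end = (char *)s; unsigned char bin[16]; long port;
    if (d < 33 || d > 126 || !(a = strchr(s + 1, d)) || !(p = strchr(a + 1, d))) return -1;
    port = (p[1] >= '0' && p[1] <= '9') ? strtol(p + 1, &end, 10) : 0;
    if (port < 1 || port > 65535 || *end != d) return -1;
    ep->port = (unsigned)port;
    if (!want_addr) return (a == s + 1 && p == a + 1) ? 0 : -1;
    if (a != s + 2 || (s[1] != '1' && s[1] != '2')) return -1;
    if ((size_t)(p - a - 1) >= sizeof ep->host) return -1;
    memcpy(ep->host, a + 1, (size_t)(p - a - 1));
    ep->af = s[1] == '1' ? AF_INET : AF_INET6;
    return inet_pton(ep->af, ep->host, bin) == 1 ? 0 : -1;   /* af must match addr */
}

/* 0 and *ep filled for a PORT/EPRT command or a 227/229 reply, else -1. */
int ftp_parse(const char *line, struct ftp_ep *ep)
{
    const char *q;
    memset(ep, 0, sizeof *ep);
    if (!strncasecmp(line, "PORT ", 5)) return parse_hp(line + 5, ep);
    if (!strncasecmp(line, "EPRT ", 5)) return parse_ext(line + 5, 1, ep);
    if (!strncmp(line, "227 ", 4) && (q = strchr(line, '('))) return parse_hp(q + 1, ep);
    if (!strncmp(line, "229 ", 4) && (q = strchr(line, '('))) return parse_ext(q + 1, 0, ep);
    return -1;
}
```

A proxy would call ftp_parse on each control-channel line and act only on a 0 return; rejecting malformed octets, port 0 and an address family that does not match the address keeps bad input out of any rule text built from the result.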