rudolf wrote:
> Pavel Cahyna wrote:
>> On Thu, Apr 20, 2006 at 05:07:45AM +0200, rudolf wrote:
>>> OK, the first time I stumbled over the manual page for ftp-proxy(8) I 
>>> was distracted by the description: ``The proxy uses pf(4) and expects 
>>> to have the FTP control connection as described in services(5) 
>>> redirected to it via a pf(4) rdr command.''; now I see it can also be 
>>> used with ipf, thanks.
>>
>> - have you tried it? does the ftp-proxy work well with ipf?
> 
> Not yet, I'll report the result.
> 

Hi,

I gave up the ftp-proxy thing - all I need is to comment out the first 
line in /etc/ipnat.conf:
#map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp
map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 portmap tcp/udp 10000:20000
map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32

and then I am able to do passive ftp without problems. The ftp-proxy 
solution is too complex for my needs.

Thanks,

r.