port-sparc: Re: ipf and FTP

Subject: Re: ipf and FTP
To: port-sparc@netbsd.org <port-sparc@netbsd.org>
From: Ingolf Koch <ingolf@knuut.de>
List: port-sparc
Date: 02/27/2000 16:02:38

On Sun, Feb 27, 2000 at 12:46:43AM -0600, Jonathan Eisch wrote:
> Does anyone know how to allow passive and active FTP clients to get out
> through the same gateway with 'ipf' (ipfilter)?

You probably mean ipnat, don't you? If so, try the following:

map isp0 192.168.2.0/24 -> 0/32 proxy port ftp ftp/tcp
map isp0 192.168.2.0/24 -> 0/32 portmap tcp/udp 20000:30000
map isp0 192.168.2.0/24 -> 0/32

isp0 is my ISDN interface, 192.168.2.0 is my local network.

Put the ftp line _before_ the tcp/udp line.

    Ingolf
-- 

Ingolf Koch     ICQ#60829470     Beste Kneipe in Jena-Ost
PGP: 0x7B3B5661  213C 828E 0C92 16B5  05D0 4D5B A324 EC04