Subject: Re: ipnat ftp proxy fix yet? (ever?)
To: None <>
From: Sean Davis <>
List: tech-net
Date: 10/29/2004 00:54:09
On Fri, 29 Oct 2004 04:10:05 +0000 (UTC), Geoff Wing
<> wrote:
> Sean Davis <> typed:
> : Okay. Lets assume for a moment that the bug *is not* in the FTP proxy code
> : at all. Why, then, does commenting out the ftp proxy line in my ipnat.conf
> : enable passive FTP to work just fine through the NAT?
> How far back do you have to go to get working sources?  I had a problem late
> August (or early Sep) which broke IPSEC proxy (my pr #27084) but no IPF files
> were touched at that time, just other IP code.  Maybe you've been hit by the
> same change.

I haven't tried backtracking since the machine in question kinda needs
to be up for my LAN to have internet access, but it's never worked
right on that box. I don't have the exact date of the sources that
machine's install was built with when I first switched to it as the
NAT box, but it was somewhere around 20040829; according to my cvs
logs, that is when I pulled ipfilter out of the kernel on the old NAT
box. It has always run -current (due to the fact that when I got the
machine, netbsd-2-0 hit the sleep sleeps forever bug on it rather
reliably when doing just about anything), so it's safe to say that
it's been broken at least since -current as of 20040829.

Right now it's running 2.99.9 built on or around october third. I can
post ident output from the kernel if you're interested.