Subject: FTP, pf, and multiple addresses
To: None <tech-net@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 02/07/2006 11:45:26
Yesterday, I wrote

> Does pf special-case FTP?  I set up a pf firewall (3.0) that's
> supposed to allow anything as long as the connection is opened by the
> inside side.  [...FTP trouble...]

The problem proved to be that the outgoing connections round-robin
among multiple addresses, and the data connection drew a different
address from the control connection, which upset the server.  Obvious,
in retrospect....

But I'm not sure what to do about it.  Based on reading over the
manpage, it doesn't even look as though ftp-proxy will fix this.  (What
I really want is for the control connection address to be selected
normally, same as for any other connection, but all data connections
corresponding to it to use the same address.  It would be acceptable,
albeit not ideal, for all FTP, control and data both, to always use the
same external address.)

Am I crossing into uncharted territory here, or is there something in
ftp-proxy that I missed when reading the manpage?

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
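The round-robin source-NAT problem described above, shown as an added pf.conf fragment that is not from the post or from pf's own documentation. The interface names, the internal network and the pool addresses are made up, and the fix assumes that the pf in use accepts the `sticky-address` modifier on nat pool rules (the post does not say whether the pf in NetBSD 3.0 does).

```pf
# Added example, not from the post. Interfaces, networks and addresses are assumed.
ext_if   = "fxp0"
int_if   = "fxp1"
int_net  = "192.168.1.0/24"
ext_pool = "{ 198.51.100.10, 198.51.100.11 }"   # constructed documentation-range addresses

# The setup the post describes: each new outbound connection takes the next
# address from the pool, so an FTP data connection can leave with a different
# source address than the control connection it belongs to, and the server
# rejects it.
# nat on $ext_if from $int_net to any -> $ext_pool round-robin

# Corrected: sticky-address pins every connection from one internal host to the
# same pool address for as long as that host still has a state entry, so the
# control and data connections of an FTP session share an external address.
# (All of that host's traffic, not only FTP, then uses that address.)
nat on $ext_if from $int_net to any -> $ext_pool round-robin sticky-address

# Allow anything the inside opened, keeping state so replies and the NAT
# mapping follow each connection.
pass in  on $int_if from $int_net to any keep state
pass out on $ext_if from $ext_pool to any keep state
```

Check the behaviour with `pfctl -s state` after opening an FTP session from one inside host: the control and data entries should show the same translated source address.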