| Firewalling with OpenBSD's PF packet filter: EuroBSDCon 2007, København, September 12th 2007 | ||
|---|---|---|
| Prev | Next | |
Runs as a deamon, independent of inetd
/etc/rc.conf[.local]
ftpproxy_flags=""
/etc/pf.conf
NAT section anchors
nat-anchor "ftp-proxy/*" rdr-anchor "ftp-proxy/*"
the redirection (you may have this already)
rdr pass on $int_if proto tcp from any to any port ftp -> 127.0.0.1 \
port 8021in your filtering section
anchor "ftp-proxy/*"
pass out proto tcp from $proxy to any port 21 keep state