ftp proxy and pf.conf rules (From The Book of PF, 2nd Ed)
I am updating my primary firewall to 5.0 and taking the opportunity to clean up my ruleset a little at the same time.
I am using The Book of PF 2nd Edition as a guide to setting up the ftp proxy.
The book says I'll only need three things in my pf.conf to make the proxy work (after enabling ftpproxy_flags in rc.conf.local):
The anchor line - anchor "ftp-proxy/*"
A pass in rule - pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021
A pass out rule - pass out proto tcp from $proxy to any port ftp
I originally had more restrictive pass rules in place, but pfctl wouldn't load the ruleset because it said the "proxy" macro wasn't defined so I entered the lines as written but get the same warning.
Am I supposed to substitute something for $proxy in my rules, or is that pass-out implicit in the proxy?
|Thread||Thread Starter||Forum||Replies||Last Post|
|The Book of PF||anomie||Book reviews||8||19th December 2012 03:10 PM|
|Address book||fossala||Programming||6||5th July 2011 06:26 PM|
|Rules for the Book reviews forum.||Carpetsmoker||Book reviews||0||1st October 2008 07:15 PM|
|difference between rc.conf and loader.conf||disappearedng||FreeBSD General||5||3rd September 2008 06:54 AM|
|Book reviews?||ocicat||Feedback and Suggestions||8||2nd May 2008 05:34 AM|