Re: ftp-proxy_at_pf not working on recent current and/or RELENG_5

From: Divacky Roman <xdivac02_at_stud.fit.vutbr.cz>
Date: Tue, 7 Sep 2004 13:38:38 +0200
by setting debug level to -D3 I am getting this in /var/log/messages
Sep  7 13:28:50 queeg500 ftp-proxy[845]: getsockname() failed (Socket operation
on non-socket)

so something is obviously wrong...

pls take a look at it - I consider it a serious bug

On Tue, Sep 07, 2004 at 09:57:58AM +0200, Divacky Roman wrote:
> seems like inetd doesnt even try to run ftp-proxy 
> 
> ie. when I issue ftp on nated machine and see what inetd is doing it in S state
> (ie. sleeping for more than 20 seconds)
> 
> On Mon, Sep 06, 2004 at 03:28:13PM +0200, Divacky Roman wrote:
> > Hi,
> > 
> > with this pf.conf and PROPERLY set up inetd I am not able to use ftp-proxy...
> > it simply doesnt work and I am pretty sure it worked before. I see this on
> > RELENG_5 and on -CURRENT too... If I am doing anything wrong pls tell me
> > 
> > pf.conf:
> > 
> > ext_if="vr0"
> > int_if="xl0"
> > 
> > #normalize packets
> > scrub in all
> > 
> > altq on $ext_if bandwidth 256Kb cbq queue {ssh_i web other} 
> > queue ssh_i bandwidth 25% cbq(borrow ecn)
> > queue web bandwidth 25% cbq(borrow ecn)
> > queue other bandwidth 50% cbq(borrow default ecn)
> > 
> > #ftp redirection
> > rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
> > #nat
> > nat on $ext_if from $int_if:network to any -> ($ext_if)
> > 
> > #rules
> > #default to block all
> > block in on $ext_if all
> > #pass all out while keeping state. and queue it
> > pass out on $ext_if from any to any keep state queue other
> > #queuing
> > pass on $ext_if proto tcp from any to any port ssh keep state queue(ssh_i, other)
> > pass out on $ext_if proto tcp from any to any port http keep state queue web
> > #ftp proxy
> > pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state queue other
> > #allow icmp
> > pass in on $ext_if inet proto icmp from any to any
> > 
> > _______________________________________________
> > freebsd-current_at_freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-current
> > To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org"
> _______________________________________________
> freebsd-current_at_freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org"
Received on Tue Sep 07 2004 - 09:38:44 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:10 UTC