Buki <dev_at_null.cz> writes: > Dag-Erling Smørgrav <des_at_des.no> writes: > > "Julian H. Stacey" <jhs_at_tower.berklix.net> writes: > > > I've never been sure which ftpd to run on my gateway (with IPFW, with no NAT) > > > to provide proxy, so internal hosts could cd /usr/ports; make fetch > > You don't need a proxy. Do the following on each internal host: > > > > # echo 'FTP_PASSIVE_MODE=YES' >>/etc/profile > actually, if the internal hosts use RFC1918 addresses this wouldn't > suffice. He really needs either ftp proxy (and redirect all ftp traffic > to it) or NAT. He specifically said "no NAT", so I assumed his internal hosts had routable addresses. If they don't, he should set up Squid and define FTP_PROXY and HTTP_PROXY in the internal hosts' environments; see fetch(3) for details. Better yet, define ftp_proxy and http_proxy as some third-party software (wget, w3m) obey the lower-case variables but not the upper-case ones. OpenBSD has transparent FTP and TFTP proxies written specifically for use with pf(4), but we haven't imported them (yet). As for non-transparent FTP proxies, there are several unformalized and mostly undocumented protocols. The most common one seems to be to send the server name as part of the login name (user_at_server:port) when logging on to the proxy; libfetch supports that protocol and will use it if the method part of FTP_PROXY (or ftp_proxy) is either "ftp" or unspecified. One open source proxy I know of which supports this is ftp/ftpproxy in ports. DES -- Dag-Erling Smørgrav - des_at_des.noReceived on Wed May 16 2007 - 16:39:09 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:10 UTC