FTP Client Proxy Package

kejianshi

Whatever you do, don't use a vpn.  That would be too easy…

corotte

Thank you very much for this package !!  ;D

that should do the trick for some of my customers who are stuck with application that use "archaic" FTP Active client to update :)

Will try it in next maintenance  8)

lpandolfini

Thank you very much for this package!

I have a little problem with one WAN and multiple LAN, with different VIPs used for outgoing traffic (one per LAN), the post is this:
https://forum.pfsense.org/index.php?topic=91638.0

Thanks.
Luca

Marlenio

Hi,
is it possible to add more than one ip on bypass list?

jimp

@Marlenio:

is it possible to add more than one ip on bypass list?

Make an alias and put the alias name there.

Marlenio

@jimp:

Make an alias and put the alias name there.

Thanks in advance. :) :)

Marlenio

@Marlenio:

@jimp:

Make an alias and put the alias name there.

Thanks in advance. :) :)

I try. I made an alias with two Ip and put the name in "Proxy Bypass: Destination", restart service, but it doesn't works.

EDIT: alias works if declare IPs like a "/32" network, but not like single host. :)

luckman212

jimp-

Just wanted to thank you wholeheartedly for this package. I know FTP is 'discouraged' but sadly we can't always force these decisions on users when legacy systems are in place and working. This package has saved us a lot of headache.

bravo sir

h.kling

Dear Jimp,

thank you VERY MUCH for this great package!

Is it possible to modify package and GUI to realize an explicit proxy environment?

Best wishes

tmc

Have an issue with 2 in-series PFSense boxes… the 2nd one is on a LAN (Opt1 on PFSense #1 / all traffic in-and-out for that LAN on WAN Virtual IP and NAT'd through to 2nd pfSense) and needs to get out to WAN for Active FTP Session.  If I set the 2nd pfSense FTP Client Proxy to WAN external address it won't connect at all, but if I set it to default (WAN - which is actually LAN going to Opt1 in first pfSense), it connects but will not open data port.

Hope this make sense - any ideas?

jimp

@klingone:

Is it possible to modify package and GUI to realize an explicit proxy environment?

Not that I'm aware of. If you need an explicit proxy, I believe that squid can handle that.

jimp

@tmc:

Have an issue with 2 in-series PFSense boxes… the 2nd one is on a LAN (Opt1 on PFSense #1 / all traffic in-and-out for that LAN on WAN Virtual IP and NAT'd through to 2nd pfSense) and needs to get out to WAN for Active FTP Session.  If I set the 2nd pfSense FTP Client Proxy to WAN external address it won't connect at all, but if I set it to default (WAN - which is actually LAN going to Opt1 in first pfSense), it connects but will not open data port.

I use it here with multiple boxes in series and it's OK but I don't use VIPs or send it out an alternate WAN (just the default WAN at my edge, not my second WAN).

When using load balancing or multi-wan, the FTP traffic (including high data ports) would have to exit the default WAN or the proxy won't work correctly.

rougement

I've been banging my head against a brick wall trying to get an old FTP client to work properly. Thank you so much for your work, I appreciate it.

stavros

Hi, i need some help on configuring FTP Client Proxy Package in order to give ftp access on my network. I have 2 wan (WAN1 & WAN2) and one LAN interface.

Local Interface: I select only LAN ?
Anonymous Only: Not checked
Source Address: I put one of the two public WAN ip address?
Proxy Bypass Source: None
Proxy Bypass Dest: None
Bind Port: None
Maximum Sessions (Default: 100): None
Traffic Shaping Queue: None
Rewrite Source to Port 20 : Not checked
Idle Timeout (Default: 86400) : None
Log Connections : Not Checked

Do i need any other configuration? I use filezilla ftp server.

sorry but my knowledge is very basic on this staff.

doktornotor

@stavros:

Do i need any other configuration? I use filezilla ftp server.

This package is for FTP clients using active mode behind pfSense.

https://doc.pfsense.org/index.php/FTP_without_a_Proxy

svenruben

Many thanks for building this package, install, enable, assign client interfaces ALL DONE. You safed my day! thanks a lot. sven

dlawley

Is this suppose to add rules needed to make it work? Or do I need to the config manually as listed here?

http://www.freebsd.org/cgi/man.cgi?query=ftp-proxy&sektion=8

I ask as it appears that none are added…

using 2.2.4-RELEASE (amd64) FTP Client Proxy 0.2.1

jimp

There is no need to add anything manually. Install the package and pick the settings. If you have a problem, please start a new thread for assistance.

jkramp

Why oh why doesn't pfSense bundle with this plug-in, I have been trouble shooting in the other end and then it was pfSense the entire time.

Thanks a bunch for this jimp - it working absolutly perfect and finally my Check Point has stopped yelling "Unable to Parse FTP PORT/227 command - header IP different from command IP".

akong

I have installed FTP Client Proxy Package 0.3 Beta and setup on LAN.But filezilla can't connect it.The filezilla message is follow:

Status: Resolving address of ftp.aspa.idv.tw
Status: Connecting to 219.85.218.78:21…
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Connected
Status: Retrieving directory listing...
Status: Server sent passive reply with unroutable address. Using server address instead.

In older version can use it.How to fix it?My ftp server is used passive mode.