4. Enabling Userland FTP Proxy doesn't make it into rules.debug

Enabling Userland FTP Proxy doesn't make it into rules.debug

  • S

    OK, some background,

    I have a LAN on an OPT interface (bce2) and I have a DMZ on an OPT interface (bce3)
    The DMZ is manually outbound NAT
    When I make sure that the 'Disable the userland FTP-Proxy application' checkbox is unchecked on the LAN port (bce2) the rdr rule does not show up in rules.debug

    Active FTP does not work from LAN to DMZ, however if I add the rdr rule to rules.debug: "rdr on bce2 proto tcp from any to any port 21 -> 127.0.0.1 port 8022" and run "pfctl -f /tmp/rules.debug" then Active FTP works.

    Is there a way I can make this change permanent? Or is there something I am forgetting? Any time I make a change through the webgui that rule is obviously lost.

    Thanks,

    Matt

    0
  • Rebel Alliance Developer Netgate

    Placing of those rules depends somewhat on the firewall and nat rules involved between segments.

    You might also try killing all processes that match pftpx and ftpsesame and then re-saving any firewall rule to trigger a change. See if it restarts properly after that.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy