FTP Client Proxy Package

doktornotor

The package is for 2.2.x only…

jimp

Note for future posters to this thread:
This thread is for general feedback about the package (commentary, GUI notes, etc) – Problem reports should go into separate threads so they can receive proper/full attention without taking over this thread. Dropping a note here saying it didn't work for you is OK so long as it contains a link to a separate problem thread for further discussion.

Thanks!

kawaider

Hi! Sorry for my bad English.
I use FTP server on port 1221. In PFsense 2.1 I configure ftphelper with option debug.pfftpports. But in PFsense 2.2 I can't confirure packet "FTP client proxy" for work with port differing from 21. Help, please!

jimp

The ftp-proxy(8) daemon seems to only work properly with a server on port 21, so there does not appear be a way to accommodate that scenario at this time.

kejianshi

Whatever you do, don't use a vpn.  That would be too easy…

corotte

Thank you very much for this package !!  ;D

that should do the trick for some of my customers who are stuck with application that use "archaic" FTP Active client to update :)

Will try it in next maintenance  8)

lpandolfini

Thank you very much for this package!

I have a little problem with one WAN and multiple LAN, with different VIPs used for outgoing traffic (one per LAN), the post is this:
https://forum.pfsense.org/index.php?topic=91638.0

Thanks.
Luca

Marlenio

Hi,
is it possible to add more than one ip on bypass list?

jimp

@Marlenio:

is it possible to add more than one ip on bypass list?

Make an alias and put the alias name there.

Marlenio

@jimp:

Make an alias and put the alias name there.

Thanks in advance. :) :)

Marlenio

@Marlenio:

@jimp:

Make an alias and put the alias name there.

Thanks in advance. :) :)

I try. I made an alias with two Ip and put the name in "Proxy Bypass: Destination", restart service, but it doesn't works.

EDIT: alias works if declare IPs like a "/32" network, but not like single host. :)

luckman212

jimp-

Just wanted to thank you wholeheartedly for this package. I know FTP is 'discouraged' but sadly we can't always force these decisions on users when legacy systems are in place and working. This package has saved us a lot of headache.

bravo sir

h.kling

Dear Jimp,

thank you VERY MUCH for this great package!

Is it possible to modify package and GUI to realize an explicit proxy environment?

Best wishes

tmc

Have an issue with 2 in-series PFSense boxes… the 2nd one is on a LAN (Opt1 on PFSense #1 / all traffic in-and-out for that LAN on WAN Virtual IP and NAT'd through to 2nd pfSense) and needs to get out to WAN for Active FTP Session.  If I set the 2nd pfSense FTP Client Proxy to WAN external address it won't connect at all, but if I set it to default (WAN - which is actually LAN going to Opt1 in first pfSense), it connects but will not open data port.

Hope this make sense - any ideas?

jimp

@klingone:

Is it possible to modify package and GUI to realize an explicit proxy environment?

Not that I'm aware of. If you need an explicit proxy, I believe that squid can handle that.

jimp

@tmc:

Have an issue with 2 in-series PFSense boxes… the 2nd one is on a LAN (Opt1 on PFSense #1 / all traffic in-and-out for that LAN on WAN Virtual IP and NAT'd through to 2nd pfSense) and needs to get out to WAN for Active FTP Session.  If I set the 2nd pfSense FTP Client Proxy to WAN external address it won't connect at all, but if I set it to default (WAN - which is actually LAN going to Opt1 in first pfSense), it connects but will not open data port.

I use it here with multiple boxes in series and it's OK but I don't use VIPs or send it out an alternate WAN (just the default WAN at my edge, not my second WAN).

When using load balancing or multi-wan, the FTP traffic (including high data ports) would have to exit the default WAN or the proxy won't work correctly.

rougement

I've been banging my head against a brick wall trying to get an old FTP client to work properly. Thank you so much for your work, I appreciate it.

stavros

Hi, i need some help on configuring FTP Client Proxy Package in order to give ftp access on my network. I have 2 wan (WAN1 & WAN2) and one LAN interface.

Local Interface: I select only LAN ?
Anonymous Only: Not checked
Source Address: I put one of the two public WAN ip address?
Proxy Bypass Source: None
Proxy Bypass Dest: None
Bind Port: None
Maximum Sessions (Default: 100): None
Traffic Shaping Queue: None
Rewrite Source to Port 20 : Not checked
Idle Timeout (Default: 86400) : None
Log Connections : Not Checked

Do i need any other configuration? I use filezilla ftp server.

sorry but my knowledge is very basic on this staff.

doktornotor

@stavros:

Do i need any other configuration? I use filezilla ftp server.

This package is for FTP clients using active mode behind pfSense.

https://doc.pfsense.org/index.php/FTP_without_a_Proxy

svenruben

Many thanks for building this package, install, enable, assign client interfaces ALL DONE. You safed my day! thanks a lot. sven