Subject: Re: misc/35225: there is no automation in rc.d for ftp-proxy(8)
To: None <misc-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Juan RP <juan@xtrarom.org>
List: netbsd-bugs
Date: 12/10/2006 04:50:05
The following reply was made to PR misc/35225; it has been noted by GNATS.
From: Juan RP <juan@xtrarom.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: misc/35225: there is no automation in rc.d for ftp-proxy(8)
Date: Sun, 10 Dec 2006 05:46:25 +0100
On Sunday 10 December 2006 05:40, perry@piermont.com wrote:
> >Description:
>
> Our rc.d machinery doesn't include support needed to start the
> ftp-proxy(8) daemon, which is needed for pf based NATs.
ftp-proxy(8) clearly mentions that it needs to be started via
inetd:
ftp-proxy is run from inetd(8) and requires that FTP connections are
redirected to it using a rdr rule. A typical way to do this would be to
use either an ipnat rule such as
int_if = "xl0";
rdr $int_if 0/0 port 21 -> 127.0.0.1 port 8021 tcp
or a pf.conf(5) rule such as
int_if = "xl0"
rdr pass on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port
8021
inetd(8) must then be configured to run ftp-proxy on the port from above
using
127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy
ftp-proxy -[ip]
in inetd.conf(5).
I don't see the point of your PR.
--
http://plog.xtrarom.org/
Juan RP's blog - NetBSD/pkgsrc news in Spanish