ftp/ftpproxy Behind NAT

[tuaris]

I have installed ftp/ftpproxy and configured it as a reverse proxy to some FTP servers on my local network. The system (the proxy server) is behind a NAT as shown below.

EXTERNAL CLIENT <--------> NAT <---------> FTP PROXY <-----> FTP SERVER

Due to this setup ftp.proxy it's responding with a non-routable IP address when PASV mode is used.

Command:   PASV
Response:   227 Entering Passive Mode (192,168,0,37,187,214)

According to the (very limited) documentation, it looks like I need to add some additional log to the connection translation program (ctp). Unfortunately there is no hint or examples of how to do this, especially with a dynamic IP address.

Is anyone familiar with how to do this?

 

[lostpacket]

Not sure what firewall you are using, should be matter of starting ftp-proxy in reverse dns:

/usr/sbin/ftp-proxy -p 8021 -R 192.168.1.1 -P 21 -D7 -v

where ip = port to listen on, -R where to forward, -P port to connect to, -D7 debug level, -v set log on pf rules

then in pf.conf:

anchor "ftp-proxy/*"
pass in log on $ExtIf inet proto tcp from any to ($ExtIf) port ftp flags S/SAFR modulate state divert-to lo0 port 8021