Getting ftp-proxy to work

mariourk · May 20, 2014

I can't set[]up any outgoing passive FTP connections. From what I've read, I need ftp-proxy for this. But no matter what I try, I can't get it working. I've added the rules to my firewall (pf), as described in the many, many, tutorials, howto's, docs, you-name-it. But nothing. I've tried to log the pf rules, but still nothing. Finally I started ftp-proxy with ftp-proxy -D 7 -d -vv. But no output, whatsoever. It seems ftp-proxy isn't receiving a single bit. And I don't know why.

Something else I'm not sure of: does ftp-proxy bind to port 21? Because I'm running vsftp on the same server.

Any help would be most welcome

SirDice · May 20, 2014

mariourk said:
Something else I'm not sure of: does ftp-proxy bind to port 21? Because I'm running vsftp on the same server.

I haven't used it much but I do believe ftp-proxy needs to bind to the external IP address. You then have vsftp running on 127.0.0.1 and PF, in combination with ftp-proxy, will forward the requests to it.

mariourk · May 20, 2014

The problem was that one of our employees needed to connect to an FTP server that supported only active FTP connections. I fixed it by forwarding a block of ports to his PC. Not really the elegant solution I was hoping for. But at least it's working.

Code:

rdr pass on $ext_if proto tcp from any to any port 50001:50100 -> 10.0.0.13

Getting ftp-proxy to work

mariourk

SirDice

Administrator

mariourk