Hello.
I can't execute the dir command on external FTP servers from my NAT clients. It stays and does nothing. My system: FreeBSD 8.2, GENERIC kernel. Tried it with a custom kernel too. On FreeBSD 7.2 these pf rules work fine. In 8.2 they sometimes work, but only the first time after a restart of pf, i.e. I can dir just one time.
My pf.conf:
Code:
ext_if = "bge0"
int_if = "bge1"
ext_addr = "x.y.w.z"
nat_network = "10.0.0.0/24"
table <trusted_hosts> const persist { $host1, $host2 }
set skip on lo0
scrub in all
nat pass on $ext_if from $nat_network to any -> ($ext_if)
block log all
pass from $nat_network to any
pass out on $ext_if from $ext_if to any
pass on $ext_if proto icmp from any to $ext_addr icmp-type echoreq
pass quick from <trusted_hosts> to any
block proto tcp from any to any port ssh
pass in on $int_if all
pass out on $int_if all
I tried just with:
Code:
nat pass on $ext_if from $nat_network to any -> ($ext_if)
pass in all
pass out all
And with included statements in rules for pf.
Code:
pass proto tcp from any to any port 21 keep state
And much more.
But it works on FreeBSD 7.2. It does not work on 8.2.
Where am I wrong?