Gateway Openbsd,


Ahmed Majed LABABIDI
Hello,

I need some help, I am a bit lost. I have a gateway on OpenBSD for a network
of about 400 computers. I have the same type of network as in the example.

  [ COMP1 ]    [ COMP3 ]
      |            |
   ---+------+-----+------- me_if [ OpenBSD ] net_if -------- ( Internet )
             |
         [ COMP2 ]

However, since the new installation of OpenBSD I can't connect to an FTP
server from a computer:

That is a tcpdump when I try to open a folder of an FTP server
(webeleves.toto.fr.ftp):

03:21:22.339949 comp1.me.toto.fr.57526 > webeleves.toto.fr.ftp: S 2170901005:2170901005(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK> (DF)
03:21:22.801066 comp1.me.toto.fr.57526 > webeleves.toto.fr.ftp: . ack 2164733286 win 16378 (DF)

Those lines were in my pf.conf on the 4.6 version, which worked:

#ftp-proxy
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr pass on $me_if proto tcp from $me_if:network to any port ftp -> 127.0.0.1 port 8021

When I installed the 4.8 version, I changed those lines and put these instead:

#ftp-proxy
anchor "ftp-proxy/*"
pass in log quick on $me_if proto tcp to !$me_if port ftp rdr-to lo0 port 8021

..then all the rules match.

And since this new installation, I can't open a folder on an FTP server.

Can you help me?

Thank you

Re: Gateway Openbsd,

matteo filippetto
2010/11/23 Ahmed Majed LABABIDI <[hidden email]>:
> Hello,
>
> I need some help, I am a bit lost. I have a gateway on OpenBSD for a network
> of about 400 computers. I have the same type of network as in the example.
>
>   [ COMP1 ]    [ COMP3 ]
>       |            |
>    ---+------+-----+------- me_if [ OpenBSD ] net_if -------- ( Internet )
>              |
>          [ COMP2 ]
>
> However, since the new installation of OpenBSD I can't connect to an FTP
> server from a computer:
>
> That is a tcpdump when I try to open a folder of an FTP server
> (webeleves.toto.fr.ftp):
>
> 03:21:22.339949 comp1.me.toto.fr.57526 > webeleves.toto.fr.ftp: S 2170901005:2170901005(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK> (DF)
> 03:21:22.801066 comp1.me.toto.fr.57526 > webeleves.toto.fr.ftp: . ack 2164733286 win 16378 (DF)
>
> Those lines were in my pf.conf on the 4.6 version, which worked:
>
> #ftp-proxy
> nat-anchor "ftp-proxy/*"
> rdr-anchor "ftp-proxy/*"
> rdr pass on $me_if proto tcp from $me_if:network to any port ftp -> 127.0.0.1 port 8021
>
> When I installed the 4.8 version, I changed those lines and put these instead:
>
> #ftp-proxy
> anchor "ftp-proxy/*"
> pass in log quick on $me_if proto tcp to !$me_if port ftp rdr-to lo0 port 8021
>
> ..then all the rules match.
>
> And since this new installation, I can't open a folder on an FTP server.
>
> Can you help me?
>
> Thank you

Hi,

You are missing a line like this:

pass out proto tcp from $proxy to port ftp

Best regards

--
Matteo Filippetto
http://op83.blogspot.com
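
An added example, not written by anyone in this thread: a line-based check (Python, hypothetical function names) run over the two pf.conf fragments quoted in the first post. It reports leftover pre-4.7 translation syntax and which of the three ftp-proxy pieces mentioned above (the anchor, the redirect to port 8021, the pass out rule to port ftp) are absent; it is a textual heuristic, not a pf parser.

```python
import re

# Constructed from the two pf.conf fragments quoted in the first post.
PF_46 = '''
#ftp-proxy
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr pass on $me_if proto tcp from $me_if:network to any port ftp -> 127.0.0.1 port 8021
'''
PF_48 = '''
#ftp-proxy
anchor "ftp-proxy/*"
pass in log quick on $me_if proto tcp to !$me_if port ftp rdr-to lo0 port 8021
'''

# Old-style translation rules: *-anchor keywords, or nat/rdr/binat rules using "->".
LEGACY = re.compile(r"^(nat-anchor|rdr-anchor|binat-anchor)\b|^(nat|rdr|binat)\b.*->")
FTP_PORT = r"port\s+(ftp|21)\b"

def rules(text):
    """Yield logical rules: join backslash continuations, drop comments and blanks."""
    joined = re.sub(r"\\\n", " ", text)
    for line in joined.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line

def check_ftp_proxy(text, proxy_port=8021):
    """Return findings for the ftp-proxy rule set (heuristic, assumes one rule per line)."""
    rs = list(rules(text))
    findings = [f"legacy pre-4.7 syntax: {r}" for r in rs if LEGACY.search(r)]
    if not any(re.match(r'anchor\s+"ftp-proxy/\*"', r) for r in rs):
        findings.append('missing: anchor "ftp-proxy/*"')
    redirect = re.compile(
        rf"^pass\s+in\b.*{FTP_PORT}.*\b(rdr-to|divert-to)\b.*port\s+{proxy_port}\b")
    if not any(redirect.search(r) for r in rs):
        findings.append(f"missing: pass in ... port ftp rdr-to ... port {proxy_port}")
    if not any(re.match(rf"pass\s+out\b.*{FTP_PORT}", r) for r in rs):
        findings.append("missing: pass out rule for the proxy's own connections to port ftp")
    return findings

if __name__ == "__main__":
    for name, conf in (("4.6 fragment", PF_46), ("4.8 fragment", PF_48)):
        print(name)
        for finding in check_ftp_proxy(conf) or ["no findings"]:
            print("  " + finding)
```

A clean result only means the three rules are present in the text; it does not show that ftp-proxy is running or that the rules are reached before an earlier `quick` rule.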

Re: Gateway Openbsd,

Janne Johansson-3
In reply to this post by Ahmed Majed LABABIDI
2010/11/23 Ahmed Majed LABABIDI <[hidden email]>

> Hello,
>
> I need some help, I am a bit lost. I have a gateway on OpenBSD for a
> network
> of about 400 computers. I have the same type of network as in the example.
>
> Can you help me ?
>
>
www@ is not for support, it is for web related discussions about the
www.openbsd.org web.
Please don't send mails like this here, and others - please don't continue
the discussion here either. Others won't find your solutions on this list.

http://www.openbsd.org/mail.html has all the info needed about where to mail
different kinds of issues and questions.

--
 To our sweethearts and wives.  May they never meet. -- 19th century toast