redirect outbound packets originating from localhost to locally assigned address (-> ftp-proxy)

twies
Hello,

I'm new on this list, so please be patient with me.
Anyway - I did my homework (at least I think so) but I'm stuck
nevertheless. All man pages and docs I found seem to indicate that
what I want is impossible, but I hope someone might have an idea...

I want to use ftp-proxy for outgoing client-requests. The main reason
for that is the automatic handling of pf rules that allow traffic
on the data connection without opening up the firewall to any ip/port
for outbound traffic.

I'm using OpenBSD 5.0. I know the ftp-proxy is purely transparent
and is invoked by a divert-to rule. But

- divert-to is only allowed on inbound rules

- rdr-to is not supported on outbound rules, if the destination is
  a locally assigned address

So how can I get packets to port 21 that originate from the host
itself processed by the ftp-proxy?

Background: I'm using squid on this host and I want it to serve
ftp:// URLs via http. This usage doesn't seem to be unusual and
there might be a solution I didn't think of/find...

Thanks in advance
Thomas