Re: Forward ftp request another server

From: Seth Arnold (
Date: 07/15/02

Date: Sun, 14 Jul 2002 19:23:20 -0700
From: Seth Arnold <>
To: SpaceWalker <>

On Sun, Jul 14, 2002 at 03:33:27PM +0200, SpaceWalker wrote:
> I'm using ipnat from ipfilter on my solaris box, with these rules :
> map ppp0 ->
> map ppp0 -> proxy port ftp ftp/tcp
> but the ftp proxy doesn't work as expected. Only passive sessions are
> accepted, and that's quite anoying because some windows programs (like
> norton AV) doesn't let you the choice of using PASV mode. Comments
> are welcome.

SpaceWalker, when I used ipfilter on my OpenBSD machine (quite some time
ago, so things may have changed :) I discovered that the proxy port ftp
ftp/tcp line must be _before_ the general NAT line. Reverse the order of
the two lines, reload, and try again. :)


Relevant Pages

  • ipfilter ipf.conf on solaris 10 problems
    ... I am having problems moving from SunScreen 3.2 from Solaris 9 to ipfilter as ... pass in quick on dmfe0 proto icmp from any to icmp-type 11 ...
  • Re: Solaris 10 - ARG!
    ... solaris 10's SVC. ... shows no ipfilter, yet another command to start the pfil server... ... restart pfil, no errors. ...
  • Re: Wrt54G is a FW appliance?
    ... >> You've been told more than once already that Sun ship and support IPFilter ... >> You could try claiming that Sun and Solaris are somehow 'unproven'...... ... Sun ships IPFilter *on* Solaris as *standard*. ...
  • Re: Filtering out P2P traffic
    ... You may be interesed in Snort and Snortsam ... In an educational institution I use Solaris 10 on the gateway between ... Is possible to block P2P traffic with the IPFilter included in Solaris ...
  • Solaris 10 - ARG!
    ... I've admin'ed solaris for a little while - I'm trying hard not flame ... along with ipnat (ipfilter). ... not working for a while a co-worker says to use routeadm. ... svcadm restart pfil, no errors. ...