- 论坛徽章:
- 0
|
OB4.3下使用PF做透明桥接,但ftp一直无法使用,请帮忙看看,谢谢
rc.conf 内已经开了ftpproxy=""
# cat /etc/pf.conf
ext_if = "fxp0"
int_if = "fxp1"
loop = "{lo0, 127.0.0.1}"
set optimization aggressive
set block-policy drop #Or return
set state-policy if-bound #default floating
set loginterface $ext_if
scrub in all #May impact Game link
scrub in on $ext_if all fragment reassemble
scrub on $ext_if all reassemble tcp
rdr-anchor "ftp-proxy/*"
rdr pass on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
rdr log on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
anchor "ftp-proxy/*"
pass quick on $loop all
pass in quick all
pass out quick all
# cat /etc/inetd.conf
# $OpenBSD: inetd.conf,v 1.59 2005/11/16 09:20:22 camield Exp $
#
# Internet server configuration database
#
# define *both* IPv4 and IPv6 entries for dual-stack support.
#
127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy
#ftp stream tcp nowait root /usr/libexec/ftpd ftpd -US
#ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -US
#shell stream tcp nowait root /usr/libexec/rshd rshd -L
#shell stream tcp6 nowait root /usr/libexec/rshd rshd -L
#uucpd stream tcp nowait root /usr/libexec/uucpd uucpd
#uucpd stream tcp6 nowait root /usr/libexec/uucpd uucpd
#finger stream tcp nowait _fingerd /usr/libexec/fingerd fingerd -lsm
#finger stream tcp6 nowait _fingerd /usr/libexec/fingerd fingerd -lsm
ident stream tcp nowait _identd /usr/libexec/identd identd -el
ident stream tcp6 nowait _identd /usr/libexec/identd identd -el
#tftp dgram udp wait root /usr/libexec/tftpd tftpd -s /tftpboot
#tftp dgram udp6 wait root /usr/libexec/tftpd tftpd -s /tftpboot
127.0.0.1:comsat dgram udp wait root /usr/libexec/comsat comsat
# ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33208
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:d0:b7:3f:e6:24
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.1.20 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::2d0:b7ff:fe3f:e624%fxp0 prefixlen 64 scopeid 0x1
fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:04:ac:cb:24:99
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::204:acff:fecb:2499%fxp1 prefixlen 64 scopeid 0x2
enc0: flags=0<> mtu 1536
bridge0: flags=41<UP,RUNNING> mtu 1500
groups: bridge
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208
groups: pflog
#
[ 本帖最后由 netswordswong 于 2008-8-12 09:01 编辑 ] |
|