Em 23-10-2015 12:58, Motty escreveu:
> ### RULES FOR FTP
> anchor "ftp-proxy/*"
> pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021
> pass in quick on $ext proto tcp from any to 10.1.10.8 port ftp rdr-to
> $web_server port ftp
I believe you need a nat instead of rdr. From ftp-proxy(8) man page:
In case of passive mode (PASV or EPSV):
pass in from $client to $orig_server port $proxy_port \
rdr-to $server port $port
pass out from $client to $server port $port nat-to $proxy
p.s.: Please let FTP run its course and die! I beg you. Every time an
admin starts a ftp server, a puppy dies. Consider using SSH. Or, if you
must, DAV.
Cheers,
Giancarlo Razzolini
