[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: ipf 3.3.16 ftp proxy stability?
From:       kwooding () codetalker ! com
Date:       2000-05-30 22:57:14
[Download RAW message or body]

> After trying to get fwtk's ftp proxy to work transparently (I got the
> redirect to work, but I didn't want to have to authenticate -- it
> broke non-command line based ftp) and failing.  And after trying to
> get juniper to work with OpenBSD 2.7 (kernel panics at boot after
> cleaning up the 2.4 kernel patch to work with 2.7) and failing, I'm
> left with the proxy built into ipfilter.

As for juniper, ignore the kernel cruft. The latest version (from its
CVS tree, anyway) already has ipnat transparency capability,
so you don't need a custom kernel. Just juniperd running as an
inetd-like daemon, with a config file like this:


----8<---------
smrsh@:~$ more /etc/juniperd.conf
proxy ftpd tcp
        options ipnat
        username root
        port ftp
        captured-proxy /usr/local/juniper/bin/juniper_ftp_proxy ftp-proxy
        trusted-daemon NONE
        untrusted-daemon NONE
end-proxy

-kj

[prev in list] [next in list] [prev in thread] [next in thread]