From xdivac02@stud.fit.vutbr.cz  Tue Sep  7 11:42:14 2004
Return-Path: <xdivac02@stud.fit.vutbr.cz>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3A7ED16A54A
	for <FreeBSD-gnats-submit@freebsd.org>; Tue,  7 Sep 2004 11:42:14 +0000 (GMT)
Received: from eva.fit.vutbr.cz (eva.fit.vutbr.cz [147.229.10.14])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6853143D54
	for <FreeBSD-gnats-submit@freebsd.org>; Tue,  7 Sep 2004 11:42:13 +0000 (GMT)
	(envelope-from xdivac02@stud.fit.vutbr.cz)
Received: from eva.fit.vutbr.cz (localhost [127.0.0.1])
	by eva.fit.vutbr.cz (8.12.11/8.12.11) with ESMTP id i87Bg9dN034716
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO)
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 7 Sep 2004 13:42:09 +0200 (CEST)
Received: (from xdivac02@localhost)
	by eva.fit.vutbr.cz (8.12.11/8.12.5/Submit) id i87Bg9W3034715;
	Tue, 7 Sep 2004 13:42:09 +0200 (CEST)
Message-Id: <200409071142.i87Bg9W3034715@eva.fit.vutbr.cz>
Date: Tue, 7 Sep 2004 13:42:09 +0200 (CEST)
From: Divacky Roman <xdivac02@stud.fit.vutbr.cz>
Reply-To: Divacky Roman <xdivac02@stud.fit.vutbr.cz>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: ftp-proxy doesnt start
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         71458
>Category:       bin
>Synopsis:       ftp-proxy doesnt start
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Sep 07 11:50:22 GMT 2004
>Closed-Date:    Tue Sep 07 20:07:44 GMT 2004
>Last-Modified:  Tue Sep 07 20:07:44 GMT 2004
>Originator:     Divacky Roman
>Release:        FreeBSD 5.3-BETA3 i386
>Organization:
home
>Environment:
FreeBSD queeg500 5.3-BETA3 FreeBSD 5.3-BETA3 #5: Tue Sep  7 13:01:38 CEST 2004
   rdivacky@queeg500:/usr/obj/usr/src/sys/QUEEG  i386
   

	
>Description:
When I try to use ftp-proxy with pf I am getting this error:
        Sep  7 13:28:50 queeg500 ftp-proxy[845]: getsockname() failed (Socket
	operation on non-socket)
so somethine is screwed up.
I've just put this:
rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
into my pf.conf
and this:
ftp-proxy       stream  tcp     nowait  root    /usr/libexec/ftp-proxy ftp-proxy
 -D3
into my inetd.conf

my whole pf.conf looks like
ext_if="vr0"
int_if="xl0"

#normalize packets
scrub in all

altq on $ext_if bandwidth 256Kb cbq queue {ssh_i web other} 
queue ssh_i bandwidth 25% cbq(borrow ecn)
queue web bandwidth 25% cbq(borrow ecn)
queue other bandwidth 50% cbq(borrow default ecn)

#ftp redirection
rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
#nat
nat on $ext_if from $int_if:network to any -> ($ext_if)

#rules
#default to block all
block in on $ext_if all
#pass all out while keeping state. and queue it
pass out on $ext_if from any to any keep state queue other
#queuing
pass on $ext_if proto tcp from any to any port ssh keep state queue(ssh_i, other)
pass out on $ext_if proto tcp from any to any port http keep state queue web
#ftp proxy
pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state queue other
#allow icmp
pass in on $ext_if inet proto icmp from any to any
 
if it helps...
	
>How-To-Repeat:
	Set it as I did and it could do the same...
	
>Fix:

I am not aware of any fix...
	


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Tue Sep 7 20:07:08 GMT 2004 
State-Changed-Why:  
Closed at maintainer's request. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=71458 
>Unformatted:
