Re: pf請教
現在改成下面這樣了,但是192.168.1.0/24 這個網段ftp會通,192.168.2.0/24的ftp不通
192.168.1.0/24 網段的主機是win98
192.168.2.0/24 網段的主機是winxp
ftp的錯誤訊息是
200 PORT command successful.
LIST
! Receive error: Blocking call cancelled
! DoDirList failed 0
註:inetd.conf的ftp-proxy已經開了.
---/etc/pf.conf--------------
ext_if = "em0"
int1_if = "em1"
int2_if = "em2"
int_if = "{em1,em2}"
int1_addr ="192.168.1.0/24"
int2_addr ="192.168.2.0/24"
# options
set block-policy return
set loginterface $ext_if
# scrub
scrub in all
nat_pass = "{192.168.1.0/24, 192.168.2.0/24}"
# nat/rdr
nat on $ext_if from $nat_pass to any -> ($ext_if)
rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 port 8021
# filter rules
pass in all
pass out all
--
Ξ Origin: 中興大學天樞資訊網 <bbs.nchu.edu.tw>
Ξ From : mail2.tses.tcc.edu.tw
討論串 (同標題文章)
FreeBSD 近期熱門文章
PTT數位生活區 即時熱門文章
