diff options
Diffstat (limited to 'contrib/ipfilter/rules/ftp-proxy')
-rw-r--r-- | contrib/ipfilter/rules/ftp-proxy | 45 |
1 files changed, 0 insertions, 45 deletions
diff --git a/contrib/ipfilter/rules/ftp-proxy b/contrib/ipfilter/rules/ftp-proxy deleted file mode 100644 index ad2f717..0000000 --- a/contrib/ipfilter/rules/ftp-proxy +++ /dev/null @@ -1,45 +0,0 @@ -How to setup FTP proxying using the built in proxy code. -======================================================== - -NOTE: Currently, the built-in FTP proxy is only available for use with NAT - (i.e. only if you're already using "map" rules with ipnat). It does - support null-NAT mappings, that is, using the proxy without changing - the addresses. - -Lets assume your network diagram looks something like this: - - -[host A] - |a ----+-------------+---------- - |b - [host B] - |c ----+-------------+---------- - |d -[host C] - -and IP Filter is running on host B. If you want to proxy FTP from A to C -then you would do: - -map int-c ipaddr-a/32 -> ip-addr-c-net/32 proxy port ftp ftp/tcp - -int-c = name of "interface c" -ipaddr-a = ip# of interface a -ipaddr-c-net = another ip# on the C-network (usually not the same as the -interface). - -e.g., if host A was 10.1.1.1, host B had two network interfaces ed0 and vx0 -which had IP#'s 10.1.1.2 and 203.45.67.89 respectively, and host C was -203.45.67.90, you would do: - -map vx0 10.1.1.1/32 -> 203.45.67.91/32 proxy port ftp ftp/tcp - -where: -ipaddr-a = 10.1.1.1 -int-c = vx0 -ipaddr-c-net = 203.45.67.91 - -The "map" rule for this proxy should precede any other NAT rules you are -using. - |