summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2007-11-21 23:04:00 +0000
committerScott Ullrich <sullrich@pfsense.org>2007-11-21 23:04:00 +0000
commit68bf32daaf62dc1a09588d5c5fb98f78d507a04f (patch)
treebe7db0c8d22f8644e562214331af0c4691c2a38e
parente786fa1ead5e9c9795c246099199bd6c04991875 (diff)
downloadpfsense-68bf32daaf62dc1a09588d5c5fb98f78d507a04f.zip
pfsense-68bf32daaf62dc1a09588d5c5fb98f78d507a04f.tar.gz
Convert anchors and such over to ftp-proxy.
-rw-r--r--etc/inc/config.inc6
-rw-r--r--etc/inc/filter.inc18
2 files changed, 12 insertions, 12 deletions
diff --git a/etc/inc/config.inc b/etc/inc/config.inc
index 95d2a84..a5dfe8c 100644
--- a/etc/inc/config.inc
+++ b/etc/inc/config.inc
@@ -1717,7 +1717,7 @@ function system_start_ftp_helpers() {
for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
$iflist['opt' . $i] = "opt{$i}";
- /* loop through all interfaces and handle pftpx */
+ /* loop through all interfaces and handle ftp-proxy */
$interface_counter = 0;
if(isset($config['shaper']['enable'])) {
if(isset($config['ezshaper']['step5']['p2pcatchall'])) {
@@ -1730,7 +1730,7 @@ function system_start_ftp_helpers() {
$shaper_queue = "";
}
foreach ($iflist as $ifent => $ifname) {
- /* if the ftp proxy is disabled for this interface then kill pftpx
+ /* if the ftp proxy is disabled for this interface then kill ftp-proxy
* instance and continue. note that the helpers for port forwards are
* launched in a different sequence so we are filtering them out
* here by not including -c {$port} -g 8021 first.
@@ -1742,7 +1742,7 @@ function system_start_ftp_helpers() {
$port = 8021 + $interface_counter;
if(isset($config['interfaces'][$ifname]['disableftpproxy'])) {
/* item is disabled. lets ++ the interface counter and
- * keep processing interfaces. kill pftpx if already
+ * keep processing interfaces. kill ftp-proxy if already
* running for this instance.
*/
$helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/ftp-proxy {$shaper_queue} -p {$port}\" | grep -v grep | sed \"s/ */ /g\" | cut -f2 -d\" \"");
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 83dda01..4ad1956 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -619,13 +619,13 @@ function filter_nat_rules_generate() {
$lansa = gen_subnet($lancfg['ipaddr'], $lancfg['subnet']);
- $natrules .= "nat-anchor \"pftpx/*\"\n";
+ $natrules .= "nat-anchor \"ftp-proxy/*\"\n";
$natrules .= "nat-anchor \"natearly/*\"\n";
$natrules .= "nat-anchor \"natrules/*\"\n";
$natrules .= "# FTP proxy\n";
- $natrules .= "rdr-anchor \"pftpx/*\"\n";
+ $natrules .= "rdr-anchor \"ftp-proxy/*\"\n";
$natrules .= "rdr-anchor \"tftp-proxy/*\"\n";
update_filter_reload_status("Creating 1:1 rules...");
@@ -932,7 +932,7 @@ function filter_nat_rules_generate() {
$iflist['opt' . $i] = "opt{$i}";
$interface_counter = 0;
$vpns_list = get_vpns_list();
- /* prevent 1:1 ips from pftpx, they will be handled by ftp-sesame */
+ /* prevent 1:1 ips from ftp-proxy, they will be handled by ftp-sesame */
if($config['nat']['onetoone'])
foreach ($config['nat']['onetoone'] as $vipent)
$onetoone_list .= "{$vipent['internal']} ";
@@ -940,7 +940,7 @@ function filter_nat_rules_generate() {
$natrules .= "table <onetoonelist> { $onetoone_list }\n";
if($vpns_list)
$natrules .= "table <vpns> { $vpns_list }\n";
- /* loop through all interfaces and handle pftpx redirections */
+ /* loop through all interfaces and handle ftp-proxy redirections */
foreach ($iflist as $ifent => $ifname) {
$ifname_lower = convert_friendly_interface_to_friendly_descr(strtolower($ifname));
$realif = convert_friendly_interface_to_real_interface_name(strtolower($ifname));
@@ -986,7 +986,7 @@ function filter_nat_rules_generate() {
$ifname_lower = strtolower(convert_friendly_interface_to_friendly_descr($ifname));
$vpns = get_vpns_list();
/* if the user has defined, include the alias so that we do not redirect ftp
- connections across the tunnels to pftpx */
+ connections across the tunnels to ftp-proxy */
$int_ip = find_interface_ip($tmp_interface);
/* if interface lacks an ip, dont setup a rdr for ftp. they are most likely on a bridged interface */
if($int_ip and $vpns_list)
@@ -1106,9 +1106,9 @@ function filter_nat_rules_generate() {
if(!$helpers) {
if($external_address == "")
$external_address = find_interface_ip(get_real_wan_interface());
- /* install a pftpx helper, do not set a rule. also use the delay filter configure run
+ /* install a ftp-proxy helper, do not set a rule. also use the delay filter configure run
* routines because if this is the first bootup the filter is not completely configured
- * and thus pf is not fully running. otherwise we end up with: pftpx: pf is disabled
+ * and thus pf is not fully running. otherwise we end up with: ftp-proxy: pf is disabled
*/
if(isset($config['shaper']['enable'])) {
if(isset($config['ezshaper']['step5']['p2pcatchall'])) {
@@ -2769,11 +2769,11 @@ EOD;
$ipfrules .= "block in log proto tcp from <sshlockout> to any port 22 label \"sshlockout\"\n\n";
$ipfrules .= "anchor \"ftpproxy\"\n";
- $ipfrules .= "anchor \"pftpx/*\"\n";
+ $ipfrules .= "anchor \"ftp-proxy/*\"\n";
$ipfrules .= process_carp_rules();
- $ipfrules .= "\n\n# PFTPX specific\n";
+ $ipfrules .= "\n\n# ftp-proxy specific\n";
foreach($used_pftpx_ports as $pftpx)
$ipfrules .= "pass in quick on {$pftpx['interface']} inet proto tcp from any to 127.0.0.1 port {$pftpx['port']} keep state label \"FTP PROXY: Allow traffic to localhost\"\n";
OpenPOWER on IntegriCloud