Someone asked whether lukemftpd offered functionality other(s) don't ? What about proxy ? I've never been sure which ftpd to run on my gateway (with IPFW, with no NAT) to provide proxy, so internal hosts could cd /usr/ports; make fetch I've tried various ftpd's but never got the right combination of ftpd & client host environment variables (+ipfw), + some feeling of safety, as not wanting (most the time) to allow incoming ftp from internet to my gate (or beyond !), & some ftpd descriptions don't sound secure. Any reccomendations please of working combinations of ftpd's & env. vars & ipfw rules from people succesfully running make fetch on internal client hosts via proxy ftpd's on gateway, without NAT ? (Apache on gate works as http proxy already with IPFW & with no NAT). Julian -- Julian Stacey. Munich Computer Consultant, BSD Unix C Linux. http://berklix.com Ihr Rauch = mein allergischer Kopfschmerz. Dump cigs: Try snuff. _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"

> On Tue, May 15, 2007 at 04:17:55PM +0200, Dag-Erling Sm??rgrav wrote: > > "Julian H. Stacey" <jhs@tower.berklix.net> writes: > > > Someone asked whether lukemftpd offered functionality other(s) don't ? > > > What about proxy ? > > > > > > I've never been sure which ftpd to run on my gateway (with IPFW, with n= > o NAT) > > > to provide proxy, so internal hosts could cd /usr/ports; make fetch > >=20 > > You don't need a proxy. Do the following on each internal host: > >=20 > > # echo 'FTP_PASSIVE_MODE=3DYES' >>/etc/profile Thanks Dag-Erling, To make sure, I've just added FTP_PASSIVE_MODE=YES to my /etc/profile though I've long had in my csh : printenv | grep -i FTP | sort FTPSERVER=gate.jhs.private FTP_LOGIN=ftp FTP_PASSIVE_MODE=YES FTP_PASSWORD=jhs@berklix.net PACKAGEROOT=ftp://ftp ftp_proxy=ftp://gate.jhs.private:21 printenv | grep -i http | sort WWW_HOME=http://gate.jhs.private all_proxy=http://gate.jhs.private http_proxy=http://gate.jhs.private:80 But it just occured to me as long shot, that when fetch does a system() or fork() it may invoke sh not csh, so I need to check again what env vars fetch inherits (though I recall it inherited OK last I looked). > actually, if the internal hosts use RFC1918 addresses this wouldn't > suffice. He really needs either ftp proxy (and redirect all ftp traffic > to it) or NAT. Thanks Buki, Yes, that's what I'd thought too: I do need an ftpd proxy too. I still need to know which ftpd is good for proxy & how to config to it ? ( My guess is many people use NAT, which is why not so many know /reply re. ftpd proxy ? ) -- Julian Stacey. Munich Computer Consultant, BSD Unix C Linux. http://berklix.com Ihr Rauch = mein allergischer Kopfschmerz. Dump cigs: Try snuff. _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"