![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / libexec / ftp-proxy
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.44, Thu Nov 24 17:12:50 2005 UTC (18 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: HEAD
Changes since 1.43: +1 -1 lines
FILE REMOVED
code is not being used; toss into Attic
Revision 1.43 / (download) - annotate - [select for diffs], Fri Sep 23 14:37:57 2005 UTC (18 years, 8 months ago) by jmc
Branch: MAIN
Changes since 1.42: +3 -2 lines
Diff to previous 1.42 (colored)
avoid a nasty line split; ok deraadt@ ian@
Revision 1.42 / (download) - annotate - [select for diffs], Fri Nov 19 00:47:23 2004 UTC (19 years, 6 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8,
OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.41: +9 -7 lines
Diff to previous 1.41 (colored)
options sort and sync usage(); from wiz@netbsd
Revision 1.41 / (download) - annotate - [select for diffs], Tue Jul 6 19:49:11 2004 UTC (19 years, 11 months ago) by dhartmei
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.40: +18 -1 lines
Diff to previous 1.40 (colored)
The 'reverse ftp-proxy' mode adds a command line option -R to ftp-proxy which proxies connection from external ftp clients to an internal ftp server, supporting client passive mode (where server listens on a random port for data connections, and the client connects to the server for data connections). This is the reverse mode to normal operation, where ftp-proxy proxies connections from local clients to external servers, supporting client active mode. ok beck@, henning@
Revision 1.40 / (download) - annotate - [select for diffs], Tue Mar 16 08:50:07 2004 UTC (20 years, 3 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)
typos from Andrey Matveev;
Revision 1.39 / (download) - annotate - [select for diffs], Tue Feb 24 20:39:30 2004 UTC (20 years, 3 months ago) by millert
Branch: MAIN
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)
Make example "rdr pass" not just "rdr"; OK beck@
Revision 1.38 / (download) - annotate - [select for diffs], Thu Jan 22 16:10:30 2004 UTC (20 years, 4 months ago) by beck
Branch: MAIN
Changes since 1.37: +31 -10 lines
Diff to previous 1.37 (colored)
Add a -a address option to set the address which the proxy will use to bind the local end of outgoing connections, and some man page cleanup. Based on diff provided in pr 3538 by Karl O. Pinc <kop@meme.com> Closes pr 3538. ok dhartmei@
Revision 1.37 / (download) - annotate - [select for diffs], Fri Sep 5 12:27:47 2003 UTC (20 years, 9 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.36: +70 -52 lines
Diff to previous 1.36 (colored)
macro cleanup and some typos;
Revision 1.36 / (download) - annotate - [select for diffs], Fri Sep 5 06:29:18 2003 UTC (20 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)
typo from naddy@;
Revision 1.35 / (download) - annotate - [select for diffs], Sat May 10 20:48:31 2003 UTC (21 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)
removed unnecessary punctuation from SEE ALSO;
Revision 1.34 / (download) - annotate - [select for diffs], Thu Mar 20 01:34:48 2003 UTC (21 years, 2 months ago) by david
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_3
Changes since 1.33: +51 -51 lines
Diff to previous 1.33 (colored)
cmdline options in alphabetical order in usage() and manpage and make sure they are consistent ok dhartmei@ henning@
Revision 1.33 / (download) - annotate - [select for diffs], Thu Mar 6 20:19:52 2003 UTC (21 years, 3 months ago) by jmc
Branch: MAIN
Changes since 1.32: +3 -3 lines
Diff to previous 1.32 (colored)
.Xr typos; ok deraadt@
Revision 1.32 / (download) - annotate - [select for diffs], Thu Mar 6 04:07:37 2003 UTC (21 years, 3 months ago) by david
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)
date should be written formally: .Dd Month day, year ok henning@ jmc@
Revision 1.31 / (download) - annotate - [select for diffs], Wed Feb 26 15:05:07 2003 UTC (21 years, 3 months ago) by david
Branch: MAIN
Changes since 1.30: +6 -4 lines
Diff to previous 1.30 (colored)
start new sentence on a new line ok mpech@
Revision 1.30 / (download) - annotate - [select for diffs], Fri Jan 31 21:54:40 2003 UTC (21 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)
typos; eeprom(8): added .Ar to fields, removed references to sun3 sshd(8): help and ok markus@ help and ok millert@
Revision 1.29 / (download) - annotate - [select for diffs], Sat Dec 21 21:13:43 2002 UTC (21 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.28: +4 -3 lines
Diff to previous 1.28 (colored)
better example rules from David Krause, Thanks! ok dhartmei@
Revision 1.28 / (download) - annotate - [select for diffs], Thu Dec 19 01:27:56 2002 UTC (21 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.27: +2 -1 lines
Diff to previous 1.27 (colored)
missing .Pp
Revision 1.27 / (download) - annotate - [select for diffs], Sun Dec 1 17:05:06 2002 UTC (21 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)
typo; David Krause
Revision 1.26 / (download) - annotate - [select for diffs], Wed Nov 27 19:43:46 2002 UTC (21 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.25: +9 -6 lines
Diff to previous 1.25 (colored)
I fucked up. The manpage was correct before my last commit. noticed by Daniel. To unconfuse it a bit, add a little clarification. ok dhartmei@
Revision 1.25 / (download) - annotate - [select for diffs], Wed Nov 27 16:57:39 2002 UTC (21 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.24: +20 -15 lines
Diff to previous 1.24 (colored)
corrections and clarifications from Han Boetes <han at mijncomputer dot nl> Thanks!
Revision 1.24 / (download) - annotate - [select for diffs], Fri Oct 11 20:32:10 2002 UTC (21 years, 8 months ago) by dhartmei
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)
Add 'proto tcp' to example rdr rule, it's required now. Found by grange@efnet.
Revision 1.23 / (download) - annotate - [select for diffs], Fri Oct 4 09:37:19 2002 UTC (21 years, 8 months ago) by henning
Branch: MAIN
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)
use port 8021 in examples inspired by a PR from rjmooney@aboveground.cx ok deraadt@
Revision 1.22 / (download) - annotate - [select for diffs], Fri Oct 4 02:47:28 2002 UTC (21 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.21: +10 -10 lines
Diff to previous 1.21 (colored)
improvements; rjmooney@aboveground.cx
Revision 1.21 / (download) - annotate - [select for diffs], Wed Jul 24 03:22:42 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.20: +19 -11 lines
Diff to previous 1.20 (colored)
clean up docs a bit
Revision 1.20 / (download) - annotate - [select for diffs], Mon Jun 17 00:21:28 2002 UTC (22 years ago) by pvalchev
Branch: MAIN
Changes since 1.19: +3 -3 lines
Diff to previous 1.19 (colored)
nat.conf(5) no longer exist, reference to pf.conf(5) instead
Revision 1.19 / (download) - annotate - [select for diffs], Sun Jun 16 19:34:42 2002 UTC (22 years ago) by miod
Branch: MAIN
Changes since 1.18: +2 -3 lines
Diff to previous 1.18 (colored)
Some nat.conf(5) -> pf.conf(5) changes. Some nat.conf(5) references remain in the text, since it looks better than .Pa /etc/nat.conf and there is still a softlink.
Revision 1.18 / (download) - annotate - [select for diffs], Sat Jun 8 23:49:35 2002 UTC (22 years ago) by beck
Branch: MAIN
Changes since 1.17: +9 -1 lines
Diff to previous 1.17 (colored)
add example using per-user pf rules to allow backchannel connections to the proxy.
Revision 1.17 / (download) - annotate - [select for diffs], Thu May 23 10:22:14 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.16: +9 -9 lines
Diff to previous 1.16 (colored)
KNF during an audit; found an improperly initialized sockaddr
Revision 1.16 / (download) - annotate - [select for diffs], Sun May 19 22:51:32 2002 UTC (22 years ago) by millert
Branch: MAIN
Changes since 1.15: +8 -7 lines
Diff to previous 1.15 (colored)
o End a sentence with a period, not a comma; Hans-Joerg Hoexer o Start all sentences on a new line (me)
Revision 1.15 / (download) - annotate - [select for diffs], Wed Mar 27 08:56:07 2002 UTC (22 years, 2 months ago) by mpech
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
We need ftp-proxy only on loopback. todd@, beck@ ok
Revision 1.14 / (download) - annotate - [select for diffs], Fri Feb 1 06:19:19 2002 UTC (22 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)
missing period
Revision 1.13 / (download) - annotate - [select for diffs], Thu Dec 6 00:27:29 2001 UTC (22 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.12: +8 -5 lines
Diff to previous 1.12 (colored)
use .Nm more
Revision 1.12 / (download) - annotate - [select for diffs], Thu Dec 6 00:26:32 2001 UTC (22 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.11: +4 -5 lines
Diff to previous 1.11 (colored)
don't use "you" in a man page.
Revision 1.11 / (download) - annotate - [select for diffs], Thu Dec 6 00:22:45 2001 UTC (22 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.10: +7 -7 lines
Diff to previous 1.10 (colored)
*** empty log message ***
Revision 1.10 / (download) - annotate - [select for diffs], Wed Dec 5 23:47:12 2001 UTC (22 years, 6 months ago) by dhartmei
Branch: MAIN
Changes since 1.9: +3 -3 lines
Diff to previous 1.9 (colored)
typo
Revision 1.9 / (download) - annotate - [select for diffs], Wed Dec 5 23:37:39 2001 UTC (22 years, 6 months ago) by dhartmei
Branch: MAIN
Changes since 1.8: +20 -1 lines
Diff to previous 1.8 (colored)
Explain that filter rules need to let pass connections to the proxy ports in, why this is so, and how it's done.
Revision 1.8 / (download) - annotate - [select for diffs], Mon Dec 3 19:40:28 2001 UTC (22 years, 6 months ago) by dhartmei
Branch: MAIN
Changes since 1.7: +1 -3 lines
Diff to previous 1.7 (colored)
Remove the last line, pf does support IPv6 now. From Dries Schellekens. Closes PR 2221.
Revision 1.7 / (download) - annotate - [select for diffs], Wed Sep 5 20:40:10 2001 UTC (22 years, 9 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE,
OPENBSD_3_0
Changes since 1.6: +7 -6 lines
Diff to previous 1.6 (colored)
-Make ftp-proxy drop privs to user "proxy" by default. *WARNING* this means that it will die when it can't find user proxy if you are not running with a passwd database generated from current - Speling cleanup and missing va_end() noticed by <d.doroshenko@omnitel.net> - fix logging of getpwnam|getgrnam failures.
Revision 1.6 / (download) - annotate - [select for diffs], Wed Aug 22 17:22:00 2001 UTC (22 years, 9 months ago) by beck
Branch: MAIN
Changes since 1.5: +3 -3 lines
Diff to previous 1.5 (colored)
oops
Revision 1.5 / (download) - annotate - [select for diffs], Wed Aug 22 15:17:28 2001 UTC (22 years, 9 months ago) by beck
Branch: MAIN
Changes since 1.4: +42 -30 lines
Diff to previous 1.4 (colored)
Fixes for my worst abuses of nroff from mpech@ Add a sentence at the start for espie in dumb user mode :)
Revision 1.4 / (download) - annotate - [select for diffs], Wed Aug 22 05:41:03 2001 UTC (22 years, 9 months ago) by beck
Branch: MAIN
Changes since 1.3: +10 -8 lines
Diff to previous 1.3 (colored)
Duh.
Revision 1.3 / (download) - annotate - [select for diffs], Wed Aug 22 05:28:15 2001 UTC (22 years, 9 months ago) by beck
Branch: MAIN
Changes since 1.2: +21 -1 lines
Diff to previous 1.2 (colored)
-Functionify some of the main loop, so it isn't so horrificly deep and is a bit easier to look at, for small values of easier. -Add two options for -u user and -g group to optionally make the proxy drop privs after doing it's pf ioctl's to find out where to go. Running as non root does mean that the PORT and EPRT backchannels do not come from port 20, but this isn't a problem for most sensible ftp clients and sets of packet filter rules that aren't written by a knuckle dragging ape living in the 90's. I would make it drop privs by default, but technically this breaks the ftp specs, and for the upcoming stuff to deal with EPRT, we will need root privs to manipulate rdr rules).
Revision 1.2 / (download) - annotate - [select for diffs], Sun Aug 19 13:43:09 2001 UTC (22 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +22 -23 lines
Diff to previous 1.1 (colored)
1564 lines of cleanup
Revision 1.1 / (download) - annotate - [select for diffs], Sun Aug 19 04:11:11 2001 UTC (22 years, 9 months ago) by beck
Branch: MAIN
transparent ftp proxy, based on Obtuse Systems juniper stuff with much modernizing and cleanup. still needs looking at. Currently supports PORT PASV EPRT data connections with only a pf rdr to capture the control connection. (I.E. you don't need ip forwarding or other NAT stuff). Runs from inetd. Supports all passive (EPSV PASV) when using -n flag, where the proxy ignores passive mode data connections (and assumes nat will get them through). Todo yet: More audit IpV6 Handle EPSV in proxy (with an rdr added then removed) Option to Daemonize and bind only to the loopback More Content/Login filtering, etc. etc. and more bloat