From 3b31fc2963f74cf950217ad4ec92d4e2f043defe Mon Sep 17 00:00:00 2001
From: ian <>
Date: Mon, 24 Mar 2003 01:47:28 +0000
Subject: [PATCH] Add comments, mostly borrowed from ftp-proxy(8), showing how to set up up. Improved & OK'd by dhartmei@, david@, millert@.
---
 src/etc/inetd.conf | 3 ++-
 src/etc/pf.conf | 9 ++++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/etc/inetd.conf b/src/etc/inetd.conf
index 7f85b18f..8c27ea05 100644
--- a/src/etc/inetd.conf
+++ b/src/etc/inetd.conf
@@ -1,4 +1,4 @@
-# $OpenBSD: inetd.conf,v 1.50 2002/08/02 23:27:33 deraadt Exp $
+# $OpenBSD: inetd.conf,v 1.51 2003/03/24 01:47:28 ian Exp $
 #
 # Internet server configuration database
 #
@@ -6,6 +6,7 @@
 #
 #ftp stream tcp nowait root /usr/libexec/ftpd ftpd -US
 #ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -US
+#127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy
 #telnet stream tcp nowait root /usr/libexec/telnetd telnetd -k
 #telnet stream tcp6 nowait root /usr/libexec/telnetd telnetd -k
 #shell stream tcp nowait root /usr/libexec/rshd rshd -L
diff --git a/src/etc/pf.conf b/src/etc/pf.conf
index 598de21e..58923c97 100644
--- a/src/etc/pf.conf
+++ b/src/etc/pf.conf
@@ -1,4 +1,4 @@
-# $OpenBSD: pf.conf,v 1.18 2003/03/11 10:11:59 david Exp $
+# $OpenBSD: pf.conf,v 1.19 2003/03/24 01:47:28 ian Exp $
 #
 # See pf.conf(5) and /usr/share/pf for syntax and examples.
 # Required order: options, normalization, queueing, translation, filtering.
@@ -7,6 +7,7 @@
 
 # Macros: define common values, so they can be referenced and changed easily.
 #ext_if="ext0" # replace with actual external interface name i.e., dc0
+#int_if="int0" # replace with actual internal interface name i.e., dc1
 #internal_net="10.1.1.1/8"
 #external_addr="192.168.1.1"
 
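Review bot: In the second src/etc/inetd.conf hunk, the new `#127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy` entry has no comment saying that it is the listener for the pf.conf `rdr ... -> 127.0.0.1 port 8021` rule, or that the loopback bind is what keeps the proxy from being reached directly from the network. An administrator who enables it and drops or widens the address prefix would end up with a root-started proxy listening on more than loopback. I would add a line above the entry such as `# ftp-proxy: reached only through the pf.conf rdr rule; keep it bound to 127.0.0.1`. The address and port must also stay in step with the rdr target in pf.conf, which is worth stating in that same comment.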
@@ -46,6 +47,9 @@
 # outgoing packets will be translated as coming from the external address.
 #rdr on $ext_if proto tcp from any to $external_addr/32 port 1234 -> 10.1.1.1 port 5678
 
+# rdr outgoing FTP requests to the ftp-proxy
+#rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port 8021
+
 # spamd-setup puts addresses to be redirected into table .
 #table persist
 #no rdr on { lo0, lo1 } from any to any
@@ -64,6 +68,9 @@
 # pass incoming packets destined to the addresses given in table .
 #pass in on $ext_if proto { tcp, udp } from any to port 80 keep state
 
+# pass incoming ports for ftp-proxy
+#pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state
+
 # assign packets to a queue.
 #pass out on $ext_if from 192.168.0.0/24 to any keep state queue developers
 #pass out on $ext_if from 192.168.1.0/24 to any keep state queue marketing
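Review bot: In the last src/etc/pf.conf hunk, `pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state` carries no port restriction, so the only thing scoping it is the `user proxy` match, and the comment `# pass incoming ports for ftp-proxy` does not say so. As written it admits inbound TCP from any source to whatever socket that user owns on the external address; this is presumably meant for active-mode data connections, but it equally covers any other daemon run as proxy. I would reword the comment to something like `# pass active-mode FTP data connections back to ftp-proxy; matches every socket owned by user proxy, so run nothing else as that user`.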