# Getting ftp-proxy to work



## mariourk (May 20, 2014)

I can't set[]up any outgoing passive FTP connections. From what I've read, I need ftp-proxy for this. But no matter what I try, I can't get it working. I've added the rules to my firewall (pf), as described in the many, many, tutorials, howto's, docs, you-name-it. But nothing. I've tried to log the pf rules, but still nothing. Finally I started ftp-proxy with `ftp-proxy -D 7 -d -vv`. But no output, whatsoever. It seems ftp-proxy isn't receiving a single bit. And I don't know why.

Something else I'm not sure of: does ftp-proxy bind to port 21? Because I'm running vsftp on the same server.

Any help would be most welcome


----------



## SirDice (May 20, 2014)

mariourk said:
			
		

> Something else I'm not sure of: does ftp-proxy bind to port 21? Because I'm running vsftp on the same server.


I haven't used it much but I do believe ftp-proxy needs to bind to the _external_ IP address. You then have vsftp running on 127.0.0.1 and PF, in combination with ftp-proxy, will forward the requests to it.


----------



## mariourk (May 20, 2014)

The problem was that one of our employees needed to connect to an FTP server that supported only active FTP connections. I fixed it by forwarding a block of ports to his PC. Not really the elegant solution I was hoping for. But at least it's working.


```
rdr pass on $ext_if proto tcp from any to any port 50001:50100 -> 10.0.0.13
```


----------

