From 79a32636ddf8860d68220c2859f975af06f25b0b Mon Sep 17 00:00:00 2001 From: sturm Date: Sat, 30 Jul 2005 15:45:30 +0000 Subject: [PATCH] Initial import of ftpsesame 0.95 ftpsesame helps the FTP protocol get through your pf firewall. It does this by passively analysing FTP control connections and adding rules into a pf anchor when an FTP data connection is about to commence. You might want to try ftpsesame instead of ftp-proxy(8) from the OpenBSD base system for the following reasons: - it runs on "transparent" (no IP address) bridges - you need packetfilter performance on all data connections - you have to handle lots of simultaneous sessions - you do not want to redirect any traffic to the firewall itself: for IP accounting or other reasons --- net/ftpsesame/Makefile | 27 +++++++++++++++++++++++++++ net/ftpsesame/distinfo | 4 ++++ net/ftpsesame/pkg/DESCR | 17 +++++++++++++++++ net/ftpsesame/pkg/PLIST | 3 +++ 4 files changed, 51 insertions(+) create mode 100644 net/ftpsesame/Makefile create mode 100644 net/ftpsesame/distinfo create mode 100644 net/ftpsesame/pkg/DESCR create mode 100644 net/ftpsesame/pkg/PLIST diff --git a/net/ftpsesame/Makefile b/net/ftpsesame/Makefile new file mode 100644 index 00000000000..3a4c4338dc0 --- /dev/null +++ b/net/ftpsesame/Makefile @@ -0,0 +1,27 @@ +# $OpenBSD: Makefile,v 1.1.1.1 2005/07/30 15:45:30 sturm Exp $ + +COMMENT= "automagic packet filter configurator for FTP" + +DISTNAME= ftpsesame-0.95 +CATEGORIES= net + +HOMEPAGE= http://www.sentia.org/projects/ftpsesame/ + +MAINTAINER= Nikolay Sturm + +# BSD +PERMIT_PACKAGE_CDROM= Yes +PERMIT_PACKAGE_FTP= Yes +PERMIT_DISTFILES_CDROM= Yes +PERMIT_DISTFILES_FTP= Yes + +WANTLIB= c pcap + +MASTER_SITES= http://www.sentia.org/downloads/ + +do-install: + ${INSTALL_PROGRAM} ${WRKBUILD}/ftpsesame ${PREFIX}/sbin + ${INSTALL_DATA} ${WRKBUILD}/ftpsesame.cat8 \ + ${PREFIX}/man/cat8/ftpsesame.0 + +.include diff --git a/net/ftpsesame/distinfo b/net/ftpsesame/distinfo new file mode 100644 index 00000000000..6786251c0c2 --- /dev/null +++ b/net/ftpsesame/distinfo @@ -0,0 +1,4 @@ +MD5 (ftpsesame-0.95.tar.gz) = df9f143f6615daf67369e3e3c444f62e +RMD160 (ftpsesame-0.95.tar.gz) = d350f94da0080731523b72d346603240a6dfb73a +SHA1 (ftpsesame-0.95.tar.gz) = c8fbf8309c6a567a5d4837902e4219e1b266bc04 +SIZE (ftpsesame-0.95.tar.gz) = 10974 diff --git a/net/ftpsesame/pkg/DESCR b/net/ftpsesame/pkg/DESCR new file mode 100644 index 00000000000..d21d0ec8556 --- /dev/null +++ b/net/ftpsesame/pkg/DESCR @@ -0,0 +1,17 @@ +ftpsesame helps the FTP protocol get through your pf firewall. It does +this by passively analysing FTP control connections and adding rules +into a pf anchor when an FTP data connection is about to commence. + +You might want to try ftpsesame instead of ftp-proxy(8) from the OpenBSD +base system for the following reasons: +- it runs on "transparent" (no IP address) bridges +- you need packetfilter performance on all data connections +- you have to handle lots of simultaneous sessions +- you do not want to redirect any traffic to the firewall itself: for IP + accounting or other reasons + +In general, ftpsesame is a good choice to run on a firewall in front of +multiple FTP servers, where no NAT is involved. ftp-proxy(8) is usually +the best choice when users behind NAT need to access FTP servers on the +Internet. In other situations it depends, sometimes they are useful +together. diff --git a/net/ftpsesame/pkg/PLIST b/net/ftpsesame/pkg/PLIST new file mode 100644 index 00000000000..33068b2e2af --- /dev/null +++ b/net/ftpsesame/pkg/PLIST @@ -0,0 +1,3 @@ +@comment $OpenBSD: PLIST,v 1.1.1.1 2005/07/30 15:45:30 sturm Exp $ +sbin/ftpsesame +@man man/cat8/ftpsesame.0