Setting ESETS for scanning of FTP communication - transparent mode

FTP scanning is performed using the esets_ftp daemon. In the [ftp] section of the ESETS configuration file, set the following parameters:

agent_enabled = yes
listen_addr = ""
listen_port = 2121

In the example above, ‘listen_addr’ is the address of the local network interface named ‘if0’. Restart the ESETS daemon. Then, redirect all FTP requests to esets_ftp. If IP-filtering is being performed by the ipchains administration tool, an appropriate rule would be:

ipchains -A INPUT -p tcp -i if0 --dport 21 -j REDIRECT 2121

If IP-filtering is being performed by the iptables administration tool, the rule is:

iptables -t nat -A PREROUTING -p tcp -i if0 --dport 21 -j REDIRECT --to-ports 2121

On FreeBSD, the rule is:

ipfw add fwd,2121 tcp from any to any 21 via if0 in
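
If the redirect rule is missing, or points at a port other than the one esets_ftp listens on, FTP traffic on port 21 never reaches the scanner. The script below is an added example, not part of the ESETS documentation: it compares the [ftp] settings with the iptables rule shown above. The function names and sample files are hypothetical, and it assumes the rules file holds the output of `iptables -t nat -S PREROUTING`.

```shell
# Added example: checks that the [ftp] settings and the NAT rule agree.

# ftp_setting FILE KEY: print KEY's value from the [ftp] section only.
ftp_setting() {
    awk -v key="$2" '
        /^[ \t]*\[/ { in_ftp = ($0 ~ /^[ \t]*\[ftp\]/); next }
        in_ftp && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1); gsub(/[ \t]/, "", k)
            if (k == key) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t"]+|[ \t"]+$/, "", v)
                print v; exit
            }
        }' "$1"
}

# redirect_port RULES IFACE: print the --to-ports value of the PREROUTING
# rule that redirects TCP port 21 arriving on IFACE (empty if none).
redirect_port() {
    awk -v ifc="$2" '
        $1 == "-A" && $2 == "PREROUTING" {
            i = 0; p = 0; d = 0; r = 0; to = ""
            for (n = 3; n < NF; n++) {
                if ($n == "-i" && $(n+1) == ifc) i = 1
                if ($n == "-p" && $(n+1) == "tcp") p = 1
                if ($n == "--dport" && $(n+1) == "21") d = 1
                if ($n == "-j" && $(n+1) == "REDIRECT") r = 1
                if ($n == "--to-ports") to = $(n+1)
            }
            if (i && p && d && r && to != "") { print to; exit }
        }' "$1"
}

# check_ftp_redirect CONF RULES IFACE: 0 only if port 21 reaches esets_ftp.
check_ftp_redirect() {
    port=$(ftp_setting "$1" listen_port)
    target=$(redirect_port "$2" "$3")
    [ "$(ftp_setting "$1" agent_enabled)" = "yes" ] || { echo "agent disabled"; return 1; }
    [ -n "$target" ] || { echo "no redirect on $3: FTP is not scanned"; return 2; }
    [ "$target" = "$port" ] || { echo "rule -> $target, daemon on $port"; return 3; }
    echo "ok: $3 tcp/21 -> esets_ftp on $port"
}

# Constructed sample inputs (not from a real host).
tmp=$(mktemp -d)
printf '[ftp]\nagent_enabled = yes\nlisten_port = 2121\n' > "$tmp/esets.cfg"
printf '%s\n' '-P PREROUTING ACCEPT' \
  '-A PREROUTING -i if0 -p tcp -m tcp --dport 21 -j REDIRECT --to-ports 2121' > "$tmp/nat.rules"
check_ftp_redirect "$tmp/esets.cfg" "$tmp/nat.rules" if0
```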