Starting with the 1.42 version of sftpd, it incorporates functionality contributed by Landon Curt Noll, http://www.isthe.com/chongo/ : * The sftpd daemon can optionally listen for new clients on a port of specific interface / IP address. * The sftpd daemon can connect to a ftpd server on a different machine. * The myinetd can optionally listen for new clients on a port of specific interface / IP address. The mods to sftpd extend functionality of -p port and -f port to be: -p Ihost:port Listen for new clients on 'port' for the interface 'Ihost'. The 'Ihost' must be one of the hostnames or IP address of the machine on which sftpd is running. Note that the Ihost: part is optional. The ``-p port'' still works in the old way. -f Fhost:port Connect to an ftpd server on host 'Fhost' port 'port'. The 'Fhost' may be any hostname / IP address. Note that the Fhost: part is optional. The ``-f port'' still works in the old way. Also for myinetd, the port arg may be ``Ihost:port'' as well. =-= Example: Say you have a firewall with 2 IP addresses, 1 public and 1 private. Assume that the private connect is a dedicated / securite / private network segment to an ftp server. So the firewall has: 200.100.50.25 ftp.public.foo.com 10.1.0.1 gateway.firewall.foo.com And say there is an ftp server on the private network: 10.1.0.30 ftp.private.foo.com The following sftpd command will allow this to work: sftpd -p200.100.50.25:353 -f10.1.0.30:21 ... Or one can run myinetd as follows: myinetd 200.100.50.25:353 /sbin/sftpd -s -f10.1.0.30:21 ... A more complex example: Say you have a firewall with 4 IP addresses, 3 public and 1 private. Assume that the private connect is a dedicated / securite / private network segment to several ftp servers. So the firewall has: 200.100.50.25 ftp.public.foo.com 200.100.55.10 ftp.public.bar.com 200.100.65.5 ftp.public.baz.com 10.1.0.1 gateway.firewall.foo.com And say there are multiple ftp servers on the private network: 10.1.0.30 ftp.private.foo.com 10.1.0.31 ftp.private.bar.com 10.1.0.32 ftp.private.baz.com One can run several sftpd daemons to the ftp servers from the firewall: sftpd -p200.100.50.25:353 -f10.1.0.30:21 -y/etc/key1 ... sftpd -p200.100.55.10:353 -f10.1.0.31:21 -y/etc/key2 ... sftpd -p200.100.65.5:353 -f10.1.0.32:21 -y/etc/key3 ... Or one can run multiple myinetd's as follows: myinetd 200.100.50.25:353 /sbin/sftpd -f10.1.0.30:21 -y/etc/key1 ... myinetd 200.100.55.10:353 /sbin/sftpd -f10.1.0.31:21 -y/etc/key2 ... myinetd 200.100.65.5:353 /sbin/sftpd -f10.1.0.32:21 -y/etc/key3 ...