Re: Re: [proxy-suite] USER-WRN bad 'USER@' dest
Marius Tomaschewski
On Wed, Nov 20, 2002 at 02:31:21PM +0100, Frank Sackewitz wrote:
Hi,
Hi!
I made the changes on the startscript as described below but the same behavoir.
sordns:~ # ps -e |grep ftp 673 ? 00:00:00 ftp-proxy
sordns:~ # less /proc/673/maps |grep /lib/libnsl -B2 -A2 4016c000-40175000 r-xp 00000000 08:02 21824 /usr/lib/liblber.so.2.0.15 40175000-40176000 rw-p 00008000 08:02 21824 /usr/lib/liblber.so.2.0.15 40176000-40188000 r-xp 00000000 08:02 9446 /lib/libnsl.so.1 40188000-4018a000 rw-p 00011000 08:02 9446 /lib/libnsl.so.1 4018a000-4018d000 rw-p 00000000 00:00 0 4018d000-4019a000 r-xp 00000000 08:02 9456 /lib/libresolv.so.2
The Library is there and is used.
Hmm... the proxy is not able to resolv hostnames... something is missed in the chroot. Perhaps some NSS specials you use?
Make sure, the proxy works propelly without a chroot first.
$ host ftp.de.openbsd.org ftp.de.openbsd.org is a nickname for ftp.fu-berlin.de ftp.fu-berlin.de has address 130.133.1.100 ftp.fu-berlin.de mail is handled (pri=10) by ftp.fu-berlin.de ftp.fu-berlin.de mail is handled (pri=20) by mail.fu-berlin.de
Try out if ftp@130.133.1.100" in USER works (MagicUser mode).
It works (in parts): # ftp 192.168.127.225 Connected to 192.168.127.225. 220 sordns FTP server (Version 1.8.1 - 2002/01/29 00:30:00) ready. Name (192.168.127.225:anton): anonymous@ftp.de.openbsd.org 501 Invalid destination in user name. Login failed. ftp> user ftp@130.133.1.100 331 Anonymous login ok, send anything as password. Password: 230- Welcome at Freie Universität Berlin, Germany. Willkommen auf dem FTP-Server der Freien Universität Berlin. Ein Service der Zentraleinrichtung für Datenverarbeitung (ZEDAT). 230 Anonymous login ok. ftp> quit 221 Goodbye. ftp-child [1348] <11/20-16:29:27> USER-INF connect from 192.168.1.11 ftp-child [1348] <11/20-16:29:33> USER-WRN bad 'USER@' dest 'ftp.de.openbsd.org:(nil)' from 192.168.1.11 ftp-child [1348] <11/20-16:30:03> USER-INF 'USER ftp' dest 130.133.1.100:21 from 192.168.1.11 ftp-child [1348] <11/20-16:30:03> USER-INF reading data for 'ftp' from cfg-file ftp-child [1348] <11/20-16:30:03> TECH-DBG from Server-PI (3): '220 FTP.FU-Berlin.DE ready, please login as user "ftp".' ftp-child [1348] <11/20-16:30:03> TECH-DBG from Server-PI (3): '331 Anonymous login ok, send anything as password.' ftp-child [1348] <11/20-16:30:05> USER-INF 'PASS XXXX' from 192.168.1.11 ftp-child [1348] <11/20-16:30:05> TECH-DBG from Server-PI (3): '230-' ftp-child [1348] <11/20-16:30:05> TECH-DBG from Server-PI (3): ' Welcome at Freie Universität Berlin, Germany.' ftp-child [1348] <11/20-16:30:05> TECH-DBG from Server-PI (3): ' Willkommen auf dem FTP-Server der Freien Universität Berlin.' ftp-child [1348] <11/20-16:30:05> TECH-DBG from Server-PI (3): ' Ein Service der Zentraleinrichtung für Datenverarbeitung (ZEDAT).' ftp-child [1348] <11/20-16:30:05> TECH-DBG from Server-PI (3): ' ' ftp-child [1348] <11/20-16:30:05> TECH-DBG from Server-PI (3): '230 Anonymous login ok.' ftp-child [1348] <11/20-16:30:07> USER-INF 'QUIT' from 192.168.1.11 ftp-child [1348] <11/20-16:30:07> USER-INF closing connect from 192.168.1.11 after 40 secs - read 0/0, sent 0/0 byte/sec On a console on sordns they can resolve the name ftp.de.openbsd.org. -- Bye Frank Sackewitz EDM HASCO-GERMANY
On Wed, Nov 20, 2002 at 04:03:12PM +0100, Frank Sackewitz wrote:
It works (in parts):
# ftp 192.168.127.225 Connected to 192.168.127.225. 220 sordns FTP server (Version 1.8.1 - 2002/01/29 00:30:00) ready. Name (192.168.127.225:anton): anonymous@ftp.de.openbsd.org 501 Invalid destination in user name. Login failed. ftp> user ftp@130.133.1.100 331 Anonymous login ok, send anything as password. Password: 230- Welcome at Freie Universität Berlin, Germany. Willkommen auf dem FTP-Server der Freien Universität Berlin. Ein Service der Zentraleinrichtung für Datenverarbeitung (ZEDAT).
230 Anonymous login ok. ftp> quit 221 Goodbye.
OK. As I said, the proxy is not able to resolv hostnames
in your chroot, because the some files are missed there.
Are you using DNS for resolving? Do you have something
like this in these files (needed in chroot dir as well! ):
/etc/nsswitch.conf
hosts: files dns
networks: files dns
/etc/resolv.conf
domain your-domain.top
search your-domain.top
nameserver 192.168.x.y
/etc/host.conf
order hosts, bind
multi on
Kind regards,
Marius Tomaschewski
participants (2)
-
Frank Sackewitz
-
Marius Tomaschewski