I intend to run ftp-proxy on the 'director' of an LVS cluster. The ftp server will run on one of the real servers in the cluster. I use ipchains for firewalling the director against the Internet. Only a very limited set of rules is curently active, to allow ssh access to the 'director' and for the load balanced http services, plus DNS and NTP lookups and such stuff. Question: Does someone have a ruleset for ipchains for the additional rules required for the ftp proxy service. a) allowing public access to the ftp-proxy service from outside b) (if possible) allowing inside users to use an ftp client (like ncftp or wget) to access public ftp servers on the Internet. I would be happy to search the mailing list but faild to find a search feature. || Alois Treindl, Astrodienst AG, mailto:alois@astro.com || Zollikon/Zurich, Switzerland
Hi! On Wed, Jun 20, 2001 at 03:32:20PM +0200, Alois Treindl wrote:
I intend to run ftp-proxy on the 'director' of an LVS cluster. The ftp server will run on one of the real servers in the cluster.
I use ipchains for firewalling the director against the Internet. Only a very limited set of rules is curently active, to allow ssh access to the 'director' and for the load balanced http services, plus DNS and NTP lookups and such stuff.
Question: Does someone have a ruleset for ipchains for the additional rules required for the ftp proxy service.
a) allowing public access to the ftp-proxy service from outside
You do not need any redirection rules nor transparent proxying if you have only one ftp-server - simply set DestinationAddess to the IP of the ftp-server and say to the internet, the proxy machine is your ftp-server.
b) (if possible) allowing inside users to use an ftp client (like ncftp or wget) to access public ftp servers on the Internet.
start a second ftp-proxy with transparent proxying in the
internal interface of the proxy machine.
See TransProxy-Mini-Howto.txt.
Gruesse,
Marius Tomaschewski
On Thu, 21 Jun 2001, Marius Tomaschewski wrote:
Hi!
On Wed, Jun 20, 2001 at 03:32:20PM +0200, Alois Treindl wrote:
I intend to run ftp-proxy on the 'director' of an LVS cluster. The ftp server will run on one of the real servers in the cluster.
I use ipchains for firewalling the director against the Internet. Only a very limited set of rules is curently active, to allow ssh access to the 'director' and for the load balanced http services, plus DNS and NTP lookups and such stuff.
Question: Does someone have a ruleset for ipchains for the additional rules required for the ftp proxy service.
a) allowing public access to the ftp-proxy service from outside
You do not need any redirection rules nor transparent proxying if you have only one ftp-server - simply set DestinationAddess to the IP of the ftp-server and say to the internet, the proxy machine is your ftp-server.
Sorry, I seem to be too inexperienced with Linux and NAT/proxy setup to understand what you are saying. What does it mean "Say to the Internet the proxy is my ftp server"? I do say that ftp.astro.com is $VIP (see below), but I need the corresponding filtering and forwarding rules inside the proxy server. Would it be possible to express that in explicit statements like ' put this .... in configuration file 'filename' and 'put this rule .... in your ipchains ruleset? This is my setup: | | eth1: real address $DEP, virtual address eth1:0 $VIP | DEP=195.49.62.58 VIP=195.49.62.59 +---------------------+ | LVS-NAT director | running kernel 2.2.19 | ipchains firewall | | ftp-proxy | +---------------------+ | eth0: 10.1.1.254 hostname="w0" | | switch--------------- other real http servers w2, w3, w4, ... | | eth0: 10.1.1.1 hostname="w1" +---------------------+ | http server | running kernel 2.4.5 | ftp server | ----------------------+ Clients on the internet should connect via ftp (active and passive must be possible) to virtual address $VIP and get connected via the proxy to the internal server. ipchains must be configured to allow the passage and forwarding of the packets related to the ftp connections. By default, everything is forbidden. I need - the relevant entries in ftp-proxy.conf - ipchains rules || Alois Treindl, Astrodienst AG, mailto:alois@astro.com || Zollikon/Zurich, Switzerland
Hi I have a strange problem with ftp-proxy. Client: Netscape 4.77 on Linux, behind a firewall which does not allow incoming port 21 connections. Server: ftp-proxy connected to real server proftpd ftp-proxy configuration: DestinationAddress w1 DestinationPort 21 DestinationTransferMode passive Listen 0.0.0.0 LogDestination /var/log/ftp-proxy.log MaxClients 64 PassiveMinDataPort 41000 PassiveMaxDataPort 41999 ServerType standalone TimeOut 300 WelcomeString Welcome to ftp.astro.com Symptom: accessing a directory which is a symbolic link to another directory on the ftp server fails. This happens only with the Netscape client; ncftp in passive mode works. It happens only with ftp-proxy in between the server and the client; when I access an identically configured proftpd server on another machine, there is no problem. The Netscape client does this access in a complicated way, when one clicks on the name of the directory: CMD=SIZE reply: 550 not a regular file CMD=MDTM reply: 550 not a plain file CMD=RETR reply: 550 not a regular file CMD=CWD reply: 250 successful CMD=LIST here the ftp-proxy tries to open a port 20 connection to client For some reason, the proxy seems to start a connection at port 20 to the client, which it should not do in passive mode, and of course it fails at the client's filtering firewall. Here is the logfile (with -v 4)
From the ftp-proxy.debug file:
(important lines near bottom, see 'here comes the bug' or TECH-ERR) 14:01:56 < 4676> accepted 5=192.53.104.46 14:01:56 < 4676> config_int: s='(nil)' n='ForkLimit' d=40 14:01:56 < 4676> config_int: s='(nil)' n='MaxClients' d=512 14:01:56 < 4676> config_int: result=64 14:01:56 < 4676> client pid=4679 (192.53.104.46) added 14:01:56 < 4679> {{{{{ ftp-child client-fork 14:01:56 < 4679> config_int: s='(nil)' n='TimeOut' d=900 14:01:56 < 4679> config_int: result=300 14:01:56 < 4679> config_str: s='(nil)' n='DenyMessage' d='(nil)' 14:01:56 < 4679> alloc 68 (com-socket.c:327): 0x805f200 14:01:56 < 4679> created HLS for 0=192.53.104.46:4420 14:01:56 < 4679> USER-INF connect from 192.53.104.46 14:01:56 < 4679> config_str: s='(nil)' n='WelcomeString' d='(nil)' 14:01:56 < 4679> config_str: result='Welcome to ftp.astro.com' 14:01:56 < 4679> config_str: s='(nil)' n='WelcomeMessage' d='(nil)' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 31 bytes '220 Welcome to ftp.astro.com.' 14:01:56 < 4679> alloc 55 (com-socket.c:688): 0x805f248 14:01:56 < 4679> config_str: s='(nil)' n='ServerRoot' d='(nil)' 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x805f248 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 31 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 40 (com-socket.c:956): 0x805f248 14:01:56 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 16 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f248 (com-socket.c:538) 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 14 bytes 'USER anonymous' 14:01:56 < 4679> from User-PI (0): cmd='USER' arg='anonymous' 14:01:56 < 4679> config_str: s='(nil)' n='ValidCommands' d='(nil)' 14:01:56 < 4679> allowed: '(all)' 14:01:56 < 4679> config_bool: s='(nil)' n='AllowMagicUser' d=0 14:01:56 < 4679> alloc 10 (ftp-cmds.c:420): 0x805f248 14:01:56 < 4679> USER-INF 'USER anonymous' from 192.53.104.46 14:01:56 < 4679> USER-INF reading data for 'anonymous' from cfg-file 14:01:56 < 4679> config_addr: s='anonymous' n='DestinationAddress' d='255.255.255.255' 14:01:56 < 4679> config_addr: s='(nil)' n='DestinationAddress' d='255.255.255.255' 14:01:56 < 4679> str2addr: in='w1' 14:01:56 < 4679> config_addr: result='10.1.1.1' 14:01:56 < 4679> DestAddr for 192.53.104.46: '10.1.1.1' 14:01:56 < 4679> config_port: s='anonymous' n='DestinationPort' d=21 14:01:56 < 4679> config_port: s='(nil)' n='DestinationPort' d=21 14:01:56 < 4679> config_port: result=21 14:01:56 < 4679> DestPort for 192.53.104.46: 21 14:01:56 < 4679> config_str: s='anonymous' n='DestinationTransferMode' d='client' 14:01:56 < 4679> config_str: s='(nil)' n='DestinationTransferMode' d='client' 14:01:56 < 4679> config_str: result='passive' 14:01:56 < 4679> DestMode for 192.53.104.46: passive 14:01:56 < 4679> config_port: s='anonymous' n='DestinationMinPort' d=0 14:01:56 < 4679> config_port: s='(nil)' n='DestinationMinPort' d=0 14:01:56 < 4679> config_port: s='anonymous' n='DestinationMaxPort' d=0 14:01:56 < 4679> config_port: s='(nil)' n='DestinationMaxPort' d=0 14:01:56 < 4679> DestRange for 192.53.104.46: 0-0 14:01:56 < 4679> config_port: s='anonymous' n='ActiveMinDataPort' d=0 14:01:56 < 4679> config_port: s='(nil)' n='ActiveMinDataPort' d=0 14:01:56 < 4679> config_port: s='anonymous' n='ActiveMaxDataPort' d=0 14:01:56 < 4679> config_port: s='(nil)' n='ActiveMaxDataPort' d=0 14:01:56 < 4679> ActiveRange for 192.53.104.46: 20-20 14:01:56 < 4679> config_port: s='anonymous' n='PassiveMinDataPort' d=0 14:01:56 < 4679> config_port: s='(nil)' n='PassiveMinDataPort' d=0 14:01:56 < 4679> config_port: result=41000 14:01:56 < 4679> config_port: s='anonymous' n='PassiveMaxDataPort' d=0 14:01:56 < 4679> config_port: s='(nil)' n='PassiveMaxDataPort' d=0 14:01:56 < 4679> config_port: result=41999 14:01:56 < 4679> PassiveRange for 192.53.104.46: 41000-41999 14:01:56 < 4679> config_bool: s='anonymous' n='SameAddress' d=1 14:01:56 < 4679> config_bool: s='(nil)' n='SameAddress' d=1 14:01:56 < 4679> config_int: s='anonymous' n='TimeOut' d=900 14:01:56 < 4679> config_int: s='(nil)' n='TimeOut' d=900 14:01:56 < 4679> config_int: result=300 14:01:56 < 4679> SameAddress for 192.53.104.46: yes 14:01:56 < 4679> TimeOut for 192.53.104.46: 300 14:01:56 < 4679> config_str: s='anonymous' n='ValidCommands' d='(nil)' 14:01:56 < 4679> config_str: s='(nil)' n='ValidCommands' d='(nil)' 14:01:56 < 4679> allowed: '(all)' 14:01:56 < 4679> alloc 68 (com-socket.c:327): 0x805f728 14:01:56 < 4679> created HLS for 4=10.1.1.1:21 14:01:56 < 4679> Srv-Ctrl is 10.1.1.1:21 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 68 (com-socket.c:956): 0x805f770 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 44 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f770 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 42 bytes '220 ProFTPD 1.2.2rc2 Server (ProFTPD) [w1]' 14:01:56 < 4679> from Server-PI (4): '220 ProFTPD 1.2.2rc2 Server (ProFTPD) [w1]' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 16 bytes 'USER anonymous' 14:01:56 < 4679> alloc 40 (com-socket.c:688): 0x805f770 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x805f770 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 16 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 100 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 76 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 74 bytes '331 Anonymous login ok, send your complete email address as your password.' 14:01:56 < 4679> from Server-PI (4): '331 Anonymous login ok, send your complete email address as your password.' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 76 bytes '331 Anonymous login ok, send your complete email address as your password.' 14:01:56 < 4679> alloc 100 (com-socket.c:688): 0x8060180 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 76 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 39 (com-socket.c:956): 0x805f770 14:01:56 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 15 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f770 (com-socket.c:538) 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 13 bytes 'PASS mozilla@' 14:01:56 < 4679> from User-PI (0): cmd='PASS' arg='mozilla@' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 15 bytes 'PASS mozilla@' 14:01:56 < 4679> alloc 39 (com-socket.c:688): 0x805f770 14:01:56 < 4679> USER-INF 'PASS XXXX' from 192.53.104.46 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x805f770 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 15 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 75 (com-socket.c:956): 0x805f770 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 51 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f770 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 49 bytes '230 Anonymous access granted, restrictions apply.' 14:01:56 < 4679> from Server-PI (4): '230 Anonymous access granted, restrictions apply.' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 51 bytes '230 Anonymous access granted, restrictions apply.' 14:01:56 < 4679> alloc 75 (com-socket.c:688): 0x805f770 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x805f770 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 51 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 32 (com-socket.c:956): 0x805f770 14:01:56 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 8 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f770 (com-socket.c:538) 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 6 bytes 'REST 0' 14:01:56 < 4679> from User-PI (0): cmd='REST' arg='0' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 8 bytes 'REST 0' 14:01:56 < 4679> alloc 32 (com-socket.c:688): 0x805f770 14:01:56 < 4679> USER-INF 'REST 0' from 192.53.104.46 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x805f770 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 8 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 91 (com-socket.c:956): 0x805f770 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 67 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f770 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 65 bytes '350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer.' 14:01:56 < 4679> from Server-PI (4): '350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer.' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 67 bytes '350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer.' 14:01:56 < 4679> alloc 91 (com-socket.c:688): 0x805f770 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x805f770 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 67 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 30 (com-socket.c:956): 0x805f770 14:01:56 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 6 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f770 (com-socket.c:538) 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 4 bytes 'SYST' 14:01:56 < 4679> from User-PI (0): cmd='SYST' arg='' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 6 bytes 'SYST' 14:01:56 < 4679> alloc 30 (com-socket.c:688): 0x805f770 14:01:56 < 4679> USER-INF 'SYST' from 192.53.104.46 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x805f770 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 6 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 43 (com-socket.c:956): 0x805f770 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 19 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f770 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 17 bytes '215 UNIX Type: L8' 14:01:56 < 4679> from Server-PI (4): '215 UNIX Type: L8' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 19 bytes '215 UNIX Type: L8' 14:01:56 < 4679> alloc 43 (com-socket.c:688): 0x805f770 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x805f770 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 19 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 30 (com-socket.c:956): 0x805f770 14:01:56 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 6 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x805f770 (com-socket.c:538) 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 4 bytes 'PASV' 14:01:56 < 4679> from User-PI (0): cmd='PASV' arg='' 14:01:56 < 4679> alloc 68 (com-socket.c:327): 0x805f770 14:01:56 < 4679> created HLS for -1=:0 14:01:56 < 4679> listen: Cli-Data (fd=5) 195.49.62.59:41000 14:01:56 < 4679> config_str: s='(nil)' n='TranslatedAddress' d='(nil)' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 50 bytes '227 Entering Passive Mode (195,49,62,59,160,40).' 14:01:56 < 4679> alloc 74 (com-socket.c:688): 0x8060180 14:01:56 < 4679> USER-INF PASV set to 195.49.62.59:41000 for 192.53.104.46 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 50 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> accept Cli-Data (6) from 192.53.104.46 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 32 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 8 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 6 bytes 'TYPE I' 14:01:56 < 4679> from User-PI (0): cmd='TYPE' arg='I' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 8 bytes 'TYPE I' 14:01:56 < 4679> alloc 32 (com-socket.c:688): 0x8060180 14:01:56 < 4679> USER-INF 'TYPE I' from 192.53.104.46 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 8 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 44 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 20 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 18 bytes '200 Type set to I.' 14:01:56 < 4679> from Server-PI (4): '200 Type set to I.' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 20 bytes '200 Type set to I.' 14:01:56 < 4679> alloc 44 (com-socket.c:688): 0x8060180 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 20 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 51 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 27 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'SIZE /pub/swisseph/my_doc' 14:01:56 < 4679> from User-PI (0): cmd='SIZE' arg='/pub/swisseph/my_doc' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'SIZE /pub/swisseph/my_doc' 14:01:56 < 4679> alloc 51 (com-socket.c:688): 0x8060180 14:01:56 < 4679> USER-INF 'SIZE /pub/swisseph/my_doc' from 192.53.104.46 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 27 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 71 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 47 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 45 bytes '550 /pub/swisseph/my_doc: not a regular file.' 14:01:56 < 4679> from Server-PI (4): '550 /pub/swisseph/my_doc: not a regular file.' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 47 bytes '550 /pub/swisseph/my_doc: not a regular file.' 14:01:56 < 4679> alloc 71 (com-socket.c:688): 0x8060180 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 47 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 51 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 27 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'MDTM /pub/swisseph/my_doc' 14:01:56 < 4679> from User-PI (0): cmd='MDTM' arg='/pub/swisseph/my_doc' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'MDTM /pub/swisseph/my_doc' 14:01:56 < 4679> alloc 51 (com-socket.c:688): 0x8060180 14:01:56 < 4679> USER-INF 'MDTM /pub/swisseph/my_doc' from 192.53.104.46 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 27 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 69 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 45 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 43 bytes '550 /pub/swisseph/my_doc: not a plain file.' 14:01:56 < 4679> from Server-PI (4): '550 /pub/swisseph/my_doc: not a plain file.' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 45 bytes '550 /pub/swisseph/my_doc: not a plain file.' 14:01:56 < 4679> alloc 69 (com-socket.c:688): 0x8060180 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for W 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 45 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 51 (com-socket.c:956): 0x8060180 14:01:57 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 27 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x8060180 (com-socket.c:538) 14:01:57 < 4679> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'RETR /pub/swisseph/my_doc' 14:01:57 < 4679> from User-PI (0): cmd='RETR' arg='/pub/swisseph/my_doc' 14:01:57 < 4679> USER-INF 'RETR /pub/swisseph/my_doc' from 192.53.104.46 14:01:57 < 4679> printf Srv-Ctrl 4=10.1.1.1: 6 bytes 'PASV' 14:01:57 < 4679> alloc 30 (com-socket.c:688): 0x8060180 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for W 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:57 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 6 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 70 (com-socket.c:956): 0x8060180 14:01:57 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 46 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x8060180 (com-socket.c:538) 14:01:57 < 4679> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '227 Entering Passive Mode (10,1,1,1,212,43).' 14:01:57 < 4679> from Server-PI (4): '227 Entering Passive Mode (10,1,1,1,212,43).' 14:01:57 < 4679> alloc 68 (com-socket.c:327): 0x8060180 14:01:57 < 4679> created HLS for 5=10.1.1.1:54315 14:01:57 < 4679> connect: Srv-Data fd=5 14:01:57 < 4679> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'RETR /pub/swisseph/my_doc' 14:01:57 < 4679> alloc 51 (com-socket.c:688): 0x80601c8 14:01:57 < 4679> TECH-INF 'RETR /pub/swisseph/my_doc' sent for 192.53.104.46 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for W 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x80601c8 (com-socket.c:1046) 14:01:57 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 27 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 70 (com-socket.c:956): 0x80601c8 14:01:57 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 46 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x80601c8 (com-socket.c:538) 14:01:57 < 4679> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '550 /pub/swisseph/my_doc: Not a regular file' 14:01:57 < 4679> from Server-PI (4): '550 /pub/swisseph/my_doc: Not a regular file' 14:01:57 < 4679> printf Cli-Ctrl 0=192.53.104.46: 46 bytes '550 /pub/swisseph/my_doc: Not a regular file' 14:01:57 < 4679> alloc 70 (com-socket.c:688): 0x80601c8 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for W 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x80601c8 (com-socket.c:1046) 14:01:57 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 46 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 50 (com-socket.c:956): 0x80601c8 14:01:57 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 26 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x80601c8 (com-socket.c:538) 14:01:57 < 4679> gets Cli-Ctrl 0=192.53.104.46: 24 bytes 'CWD /pub/swisseph/my_doc' 14:01:57 < 4679> from User-PI (0): cmd='CWD' arg='/pub/swisseph/my_doc' 14:01:57 < 4679> printf Srv-Ctrl 4=10.1.1.1: 26 bytes 'CWD /pub/swisseph/my_doc' 14:01:57 < 4679> alloc 50 (com-socket.c:688): 0x80601c8 14:01:57 < 4679> USER-INF 'CWD /pub/swisseph/my_doc' from 192.53.104.46 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for W 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x80601c8 (com-socket.c:1046) 14:01:57 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 26 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 53 (com-socket.c:956): 0x80601c8 14:01:57 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 29 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x80601c8 (com-socket.c:538) 14:01:57 < 4679> gets Srv-Ctrl 4=10.1.1.1: 27 bytes '250 CWD command successful.' 14:01:57 < 4679> from Server-PI (4): '250 CWD command successful.' 14:01:57 < 4679> printf Cli-Ctrl 0=192.53.104.46: 29 bytes '250 CWD command successful.' 14:01:57 < 4679> alloc 53 (com-socket.c:688): 0x80601c8 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for W 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x80601c8 (com-socket.c:1046) 14:01:57 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 29 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 30 (com-socket.c:956): 0x80601c8 14:01:57 < 4679> ll_read Cli-Ctrl 0=192.53.104.46: 6 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x80601c8 (com-socket.c:538) 14:01:57 < 4679> gets Cli-Ctrl 0=192.53.104.46: 4 bytes 'LIST' 14:01:57 < 4679> from User-PI (0): cmd='LIST' arg='' 14:01:57 < 4679> USER-INF 'LIST' from 192.53.104.46 14:01:57 < 4679> printf Srv-Ctrl 4=10.1.1.1: 6 bytes 'PASV' 14:01:57 < 4679> alloc 30 (com-socket.c:688): 0x80601c8 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for W 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x80601c8 (com-socket.c:1046) 14:01:57 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 6 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> closed: Srv-Data -1=10.1.1.1 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> about to destroy Srv-Data 14:01:57 < 4679> deleting HLS Srv-Data -1=10.1.1.1:54315 14:01:57 < 4679> free 0x8060180 (com-socket.c:473) 14:01:57 < 4679> FD_CLR Cli-Data 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> about to destroy Cli-Data 14:01:57 < 4679> USER-INF Transfer for 192.53.104.46: LIST '' 1 sec 14:01:57 < 4679> deleting HLS Cli-Data -1=192.53.104.46:4421 14:01:57 < 4679> free 0x805f770 (com-socket.c:473) 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 70 (com-socket.c:956): 0x805f770 14:01:57 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 46 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x805f770 (com-socket.c:538) 14:01:57 < 4679> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '227 Entering Passive Mode (10,1,1,1,212,44).' 14:01:57 < 4679> from Server-PI (4): '227 Entering Passive Mode (10,1,1,1,212,44).' 14:01:57 < 4679> alloc 68 (com-socket.c:327): 0x805f770 14:01:57 < 4679> created HLS for 5=10.1.1.1:54316 **** here comes the bug 14:01:57 < 4679> connect: Srv-Data fd=5 14:01:57 < 4679> try to con-bind Cli-Data to 195.49.62.59:20 14:01:57 < 4679> TECH-ERR can't connect Cli-Data for 192.53.104.46 (errno=113 [No route to host]) 14:01:57 < 4679> printf Cli-Ctrl 0=192.53.104.46: 33 bytes '425 Can't open data connection.' 14:01:57 < 4679> alloc 57 (com-socket.c:688): 0x8060180 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for W 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:57 < 4679> ll_write Cli-Ctrl 0=192.53.104.46: 33 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> closed: Cli-Ctrl -1=192.53.104.46 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x805f248 (ftp-client.c:398) 14:01:57 < 4679> }}}}} ftp-child client-exit 14:01:57 < 4679> deleting HLS Srv-Data 5=10.1.1.1:54316 14:01:57 < 4679> free 0x805f770 (com-socket.c:473) 14:01:57 < 4679> deleting HLS Srv-Ctrl 4=10.1.1.1:21 14:01:57 < 4679> free 0x805f728 (com-socket.c:473) 14:01:57 < 4679> deleting HLS Cli-Ctrl -1=192.53.104.46:4420 14:01:57 < 4679> free 0x805f200 (com-socket.c:473) 14:01:57 < 4679> free 0x805f1e0 (com-syslog.c:489) 14:01:57 < 4679> config_cleanup ... 14:01:57 < 4679> ------------- ftp-child exiting ------------- 14:01:57 < 4676> client pid=4679 (192.53.104.46) gone 14:02:57 < 4676> select: timeout (993124977)
On Thu, Jun 21, 2001 at 02:17:40PM +0200, Alois Treindl wrote:
Hi
Hi!
I have a strange problem with ftp-proxy.
Client: Netscape 4.77 on Linux, behind a firewall which does not allow incoming port 21 connections.
Server: ftp-proxy connected to real server proftpd ftp-proxy configuration: DestinationAddress w1 DestinationPort 21 DestinationTransferMode passive Listen 0.0.0.0 LogDestination /var/log/ftp-proxy.log MaxClients 64 PassiveMinDataPort 41000 PassiveMaxDataPort 41999 ServerType standalone TimeOut 300 WelcomeString Welcome to ftp.astro.com
Symptom: accessing a directory which is a symbolic link to another directory on the ftp server fails.
This happens only with the Netscape client; ncftp in passive mode works. It happens only with ftp-proxy in between the server and the client; when I access an identically configured proftpd server on another machine, there is no problem.
The Netscape client does this access in a complicated way, when one clicks on the name of the directory: CMD=SIZE reply: 550 not a regular file CMD=MDTM reply: 550 not a plain file CMD=RETR reply: 550 not a regular file CMD=CWD reply: 250 successful CMD=LIST here the ftp-proxy tries to open a port 20 connection to client
For some reason, the proxy seems to start a connection at port 20 to the client, which it should not do in passive mode, and of course it fails at the client's filtering firewall.
No, it only does a _bind_ to port 20 and then connects using this _bound_ socket to the client. You are using active transfer there with the client, not passive; the proxy<->server communication is passive.
Here is the logfile (with -v 4)
Please use -v 2
From the ftp-proxy.debug file: ------------------------------ (important lines near bottom, see 'here comes the bug' or TECH-ERR) [...] 14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'SIZE /pub/swisseph/my_doc' 14:01:56 < 4679> from User-PI (0): cmd='SIZE' arg='/pub/swisseph/my_doc' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'SIZE /pub/swisseph/my_doc' 14:01:56 < 4679> alloc 51 (com-socket.c:688): 0x8060180 14:01:56 < 4679> USER-INF 'SIZE /pub/swisseph/my_doc' from 192.53.104.46 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 27 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 71 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 47 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 45 bytes '550 /pub/swisseph/my_doc: not a regular file.' 14:01:56 < 4679> from Server-PI (4): '550 /pub/swisseph/my_doc: not a regular file.' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 47 bytes '550 /pub/swisseph/my_doc: not a regular file.'
The ftp-server refuses to SIZE a link, that's all.
14:01:56 < 4679> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'MDTM /pub/swisseph/my_doc' 14:01:56 < 4679> from User-PI (0): cmd='MDTM' arg='/pub/swisseph/my_doc' 14:01:56 < 4679> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'MDTM /pub/swisseph/my_doc' 14:01:56 < 4679> alloc 51 (com-socket.c:688): 0x8060180 14:01:56 < 4679> USER-INF 'MDTM /pub/swisseph/my_doc' from 192.53.104.46 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for W 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:56 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 27 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> FD_SET Cli-Data for R 14:01:56 < 4679> FD_SET Srv-Ctrl for R 14:01:56 < 4679> FD_SET Cli-Ctrl for R 14:01:56 < 4679> alloc 69 (com-socket.c:956): 0x8060180 14:01:56 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 45 bytes 14:01:56 < 4679> client-loop ... 14:01:56 < 4679> free 0x8060180 (com-socket.c:538) 14:01:56 < 4679> gets Srv-Ctrl 4=10.1.1.1: 43 bytes '550 /pub/swisseph/my_doc: not a plain file.' 14:01:56 < 4679> from Server-PI (4): '550 /pub/swisseph/my_doc: not a plain file.' 14:01:56 < 4679> printf Cli-Ctrl 0=192.53.104.46: 45 bytes '550 /pub/swisseph/my_doc: not a plain file.'
The ftp-server refuses to get MDTM of a link.
14:01:57 < 4679> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'RETR /pub/swisseph/my_doc' 14:01:57 < 4679> from User-PI (0): cmd='RETR' arg='/pub/swisseph/my_doc' 14:01:57 < 4679> USER-INF 'RETR /pub/swisseph/my_doc' from 192.53.104.46 14:01:57 < 4679> printf Srv-Ctrl 4=10.1.1.1: 6 bytes 'PASV' 14:01:57 < 4679> alloc 30 (com-socket.c:688): 0x8060180 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for W 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x8060180 (com-socket.c:1046) 14:01:57 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 6 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 70 (com-socket.c:956): 0x8060180 14:01:57 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 46 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x8060180 (com-socket.c:538) 14:01:57 < 4679> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '227 Entering Passive Mode (10,1,1,1,212,43).' 14:01:57 < 4679> from Server-PI (4): '227 Entering Passive Mode (10,1,1,1,212,43).' 14:01:57 < 4679> alloc 68 (com-socket.c:327): 0x8060180 14:01:57 < 4679> created HLS for 5=10.1.1.1:54315 14:01:57 < 4679> connect: Srv-Data fd=5 14:01:57 < 4679> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'RETR /pub/swisseph/my_doc' 14:01:57 < 4679> alloc 51 (com-socket.c:688): 0x80601c8 14:01:57 < 4679> TECH-INF 'RETR /pub/swisseph/my_doc' sent for 192.53.104.46 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for W 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x80601c8 (com-socket.c:1046) 14:01:57 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 27 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 70 (com-socket.c:956): 0x80601c8 14:01:57 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 46 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x80601c8 (com-socket.c:538) 14:01:57 < 4679> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '550 /pub/swisseph/my_doc: Not a regular file' 14:01:57 < 4679> from Server-PI (4): '550 /pub/swisseph/my_doc: Not a regular file' 14:01:57 < 4679> printf Cli-Ctrl 0=192.53.104.46: 46 bytes '550 /pub/swisseph/my_doc: Not a regular file'
and here the ftp-server refuses to RETR a link. what has this to do with the proxy? is is a ftp-server issue.
14:01:57 < 4679> gets Cli-Ctrl 0=192.53.104.46: 4 bytes 'LIST' 14:01:57 < 4679> from User-PI (0): cmd='LIST' arg='' 14:01:57 < 4679> USER-INF 'LIST' from 192.53.104.46 14:01:57 < 4679> printf Srv-Ctrl 4=10.1.1.1: 6 bytes 'PASV' 14:01:57 < 4679> alloc 30 (com-socket.c:688): 0x80601c8 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for W 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> free 0x80601c8 (com-socket.c:1046) 14:01:57 < 4679> ll_write Srv-Ctrl 4=10.1.1.1: 6 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> FD_SET Srv-Data for R 14:01:57 < 4679> FD_SET Cli-Data for R 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> closed: Srv-Data -1=10.1.1.1 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> about to destroy Srv-Data 14:01:57 < 4679> deleting HLS Srv-Data -1=10.1.1.1:54315 14:01:57 < 4679> free 0x8060180 (com-socket.c:473) 14:01:57 < 4679> FD_CLR Cli-Data 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> about to destroy Cli-Data 14:01:57 < 4679> USER-INF Transfer for 192.53.104.46: LIST '' 1 sec 14:01:57 < 4679> deleting HLS Cli-Data -1=192.53.104.46:4421 14:01:57 < 4679> free 0x805f770 (com-socket.c:473) 14:01:57 < 4679> FD_SET Srv-Ctrl for R 14:01:57 < 4679> FD_SET Cli-Ctrl for R 14:01:57 < 4679> alloc 70 (com-socket.c:956): 0x805f770 14:01:57 < 4679> ll_read Srv-Ctrl 4=10.1.1.1: 46 bytes 14:01:57 < 4679> client-loop ... 14:01:57 < 4679> free 0x805f770 (com-socket.c:538) 14:01:57 < 4679> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '227 Entering Passive Mode (10,1,1,1,212,44).' 14:01:57 < 4679> from Server-PI (4): '227 Entering Passive Mode (10,1,1,1,212,44).' 14:01:57 < 4679> alloc 68 (com-socket.c:327): 0x805f770 14:01:57 < 4679> created HLS for 5=10.1.1.1:54316 **** here comes the bug 14:01:57 < 4679> connect: Srv-Data fd=5 14:01:57 < 4679> try to con-bind Cli-Data to 195.49.62.59:20 14:01:57 < 4679> TECH-ERR can't connect Cli-Data for 192.53.104.46 (errno=113 [No route to host]) 14:01:57 < 4679> printf Cli-Ctrl 0=192.53.104.46: 33 bytes '425 Can't open data connection.'
this is same as in the other mail - do not use transparent
proxying or update to 1.7tp7 and set Listen IP.
the problem in transparent mode is, getsockname returns the IP
of the ftp-server the client wantet to connect to instead of
the IP of the proxy and if no Listen is set, the proxy uses
this IP to bind the socket to before it connects the client.
in simply words, the proxy is spoofing the client.
Kind regards,
Marius Tomaschewski
On Thu, 21 Jun 2001, Marius Tomaschewski wrote: Hi Marius
Symptom: accessing a directory which is a symbolic link to another directory on the ftp server fails.
This happens only with the Netscape client; ncftp in passive mode works. It happens only with ftp-proxy in between the server and the client; when I access an identically configured proftpd server on another machine, there is no problem.
The Netscape client does this access in a complicated way, when one clicks on the name of the directory: CMD=SIZE reply: 550 not a regular file CMD=MDTM reply: 550 not a plain file CMD=RETR reply: 550 not a regular file CMD=CWD reply: 250 successful CMD=LIST here the ftp-proxy tries to open a port 20 connection to client
14:01:57 < 4679> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '550 /pub/swisseph/my_doc: Not a regular file' 14:01:57 < 4679> from Server-PI (4): '550 /pub/swisseph/my_doc: Not a regular file' 14:01:57 < 4679> printf Cli-Ctrl 0=192.53.104.46: 46 bytes '550 /pub/swisseph/my_doc: Not a regular file'
and here the ftp-server refuses to RETR a link.
I do not see what sould be wrong about that. the "file" is a symbolic link to a directory, it is not a sybolic link to a regular file. In the ftp protocol, I don't think you can RETR a directory, you can only LIST it or CWD into it.
what has this to do with the proxy? is is a ftp-server issue.
I do not see what there is supposed to be a server issue. The client reacts perfectly correct, after this failed RETR it does a CWD and then a LIST (because Netscape ftp client lists a directory when you click on it). I have updated ftp-proxy to 1.7p7 but the problem is exactly the same. Only with Netscape client, as I said. With Konqueror or IE (set to passive mode, because otherwise I would not get through my firewall) it works, with ncftp anyway. I would appreciate it if you could continue to patiently help me understand and solve this problem, as oetherwise I would have to remove ftp-proxy again. Best regards Alois my ftp-prox.conf: [-Global-] DestinationAddress w1 Listen 195.49.62.59 LogDestination /var/log/ftp-proxy.log MaxClients 64 MaxClientsString The maximum number of ftp users is reached PassiveMinDataPort 41000 PassiveMaxDataPort 41999 PortResetsPasv yes ServerType standalone TimeOut 300 WelcomeString Welcome to Astrodienst the log file: 19:36:46 <12841> accepted 5=192.53.104.46 wanting to go to 195.49.62.59 19:36:46 <12841> client pid=12846 (192.53.104.46) added 19:36:46 <12846> {{{{{ ftp-child client-fork 19:36:46 <12846> created HLS for 0=192.53.104.46:4599 19:36:46 <12846> USER-INF connect from 192.53.104.46 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 29 bytes '220 Welcome to Astrodienst.' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 14 bytes 'USER anonymous' 19:36:46 <12846> from User-PI (0): cmd='USER' arg='anonymous' 19:36:46 <12846> allowed: '(all)' 19:36:46 <12846> USER-INF 'USER anonymous' from 192.53.104.46 19:36:46 <12846> USER-INF reading data for 'anonymous' from cfg-file 19:36:46 <12846> DestAddr for 192.53.104.46: '10.1.1.1' 19:36:46 <12846> DestPort for 192.53.104.46: 21 19:36:46 <12846> DestMode for 192.53.104.46: client 19:36:46 <12846> DestRange for 192.53.104.46: 0-0 19:36:46 <12846> ActiveRange for 192.53.104.46: 20-20 19:36:46 <12846> PassiveRange for 192.53.104.46: 41000-41999 19:36:46 <12846> SameAddress for 192.53.104.46: yes 19:36:46 <12846> TimeOut for 192.53.104.46: 300 19:36:46 <12846> allowed: '(all)' 19:36:46 <12846> created HLS for 4=10.1.1.1:21 19:36:46 <12846> Srv-Ctrl is 10.1.1.1:21 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 42 bytes '220 ProFTPD 1.2.2rc2 Server (ProFTPD) [w1]' 19:36:46 <12846> from Server-PI (4): '220 ProFTPD 1.2.2rc2 Server (ProFTPD) [w1]' 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 16 bytes 'USER anonymous' 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 74 bytes '331 Anonymous login ok, send your complete email address as your password.' 19:36:46 <12846> from Server-PI (4): '331 Anonymous login ok, send your complete email address as your password.' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 76 bytes '331 Anonymous login ok, send your complete email address as your password.' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 13 bytes 'PASS mozilla@' 19:36:46 <12846> from User-PI (0): cmd='PASS' arg='mozilla@' 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 15 bytes 'PASS mozilla@' 19:36:46 <12846> USER-INF 'PASS XXXX' from 192.53.104.46 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 49 bytes '230 Anonymous access granted, restrictions apply.' 19:36:46 <12846> from Server-PI (4): '230 Anonymous access granted, restrictions apply.' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 51 bytes '230 Anonymous access granted, restrictions apply.' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 6 bytes 'REST 0' 19:36:46 <12846> from User-PI (0): cmd='REST' arg='0' 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 8 bytes 'REST 0' 19:36:46 <12846> USER-INF 'REST 0' from 192.53.104.46 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 65 bytes '350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer.' 19:36:46 <12846> from Server-PI (4): '350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer.' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 67 bytes '350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer.' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 4 bytes 'SYST' 19:36:46 <12846> from User-PI (0): cmd='SYST' arg='' 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 6 bytes 'SYST' 19:36:46 <12846> USER-INF 'SYST' from 192.53.104.46 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 17 bytes '215 UNIX Type: L8' 19:36:46 <12846> from Server-PI (4): '215 UNIX Type: L8' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 19 bytes '215 UNIX Type: L8' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 4 bytes 'PASV' 19:36:46 <12846> from User-PI (0): cmd='PASV' arg='' 19:36:46 <12846> bind 195.49.62.59:41000 result: 0, status: Success 19:36:46 <12846> bind succeeded,port: 41000, result: 0 19:36:46 <12846> bound socket to port 41000 19:36:46 <12846> created HLS for -1=:0 19:36:46 <12846> listen: Cli-Data (fd=5) 195.49.62.59:41000 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 50 bytes '227 Entering Passive Mode (195,49,62,59,160,40).' 19:36:46 <12846> USER-INF PASV set to 195.49.62.59:41000 for 192.53.104.46 19:36:46 <12846> accept Cli-Data (6) from 192.53.104.46 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 6 bytes 'TYPE I' 19:36:46 <12846> from User-PI (0): cmd='TYPE' arg='I' 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 8 bytes 'TYPE I' 19:36:46 <12846> USER-INF 'TYPE I' from 192.53.104.46 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 18 bytes '200 Type set to I.' 19:36:46 <12846> from Server-PI (4): '200 Type set to I.' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 20 bytes '200 Type set to I.' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'SIZE /pub/swisseph/my_doc' 19:36:46 <12846> from User-PI (0): cmd='SIZE' arg='/pub/swisseph/my_doc' 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'SIZE /pub/swisseph/my_doc' 19:36:46 <12846> USER-INF 'SIZE /pub/swisseph/my_doc' from 192.53.104.46 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 45 bytes '550 /pub/swisseph/my_doc: not a regular file.' 19:36:46 <12846> from Server-PI (4): '550 /pub/swisseph/my_doc: not a regular file.' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 47 bytes '550 /pub/swisseph/my_doc: not a regular file.' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'MDTM /pub/swisseph/my_doc' 19:36:46 <12846> from User-PI (0): cmd='MDTM' arg='/pub/swisseph/my_doc' 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'MDTM /pub/swisseph/my_doc' 19:36:46 <12846> USER-INF 'MDTM /pub/swisseph/my_doc' from 192.53.104.46 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 43 bytes '550 /pub/swisseph/my_doc: not a plain file.' 19:36:46 <12846> from Server-PI (4): '550 /pub/swisseph/my_doc: not a plain file.' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 45 bytes '550 /pub/swisseph/my_doc: not a plain file.' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 25 bytes 'RETR /pub/swisseph/my_doc' 19:36:46 <12846> from User-PI (0): cmd='RETR' arg='/pub/swisseph/my_doc' 19:36:46 <12846> USER-INF 'RETR /pub/swisseph/my_doc' from 192.53.104.46 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 6 bytes 'PASV' 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '227 Entering Passive Mode (10,1,1,1,233,23).' 19:36:46 <12846> from Server-PI (4): '227 Entering Passive Mode (10,1,1,1,233,23).' 19:36:46 <12846> created HLS for 5=10.1.1.1:59671 19:36:46 <12846> connect: Srv-Data fd=5 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 27 bytes 'RETR /pub/swisseph/my_doc' 19:36:46 <12846> TECH-INF 'RETR /pub/swisseph/my_doc' sent for 192.53.104.46 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 44 bytes '550 /pub/swisseph/my_doc: Not a regular file' 19:36:46 <12846> from Server-PI (4): '550 /pub/swisseph/my_doc: Not a regular file' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 46 bytes '550 /pub/swisseph/my_doc: Not a regular file' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 24 bytes 'CWD /pub/swisseph/my_doc' 19:36:46 <12846> from User-PI (0): cmd='CWD' arg='/pub/swisseph/my_doc' 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 26 bytes 'CWD /pub/swisseph/my_doc' 19:36:46 <12846> USER-INF 'CWD /pub/swisseph/my_doc' from 192.53.104.46 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 27 bytes '250 CWD command successful.' 19:36:46 <12846> from Server-PI (4): '250 CWD command successful.' 19:36:46 <12846> printf Cli-Ctrl 0=192.53.104.46: 29 bytes '250 CWD command successful.' 19:36:46 <12846> gets Cli-Ctrl 0=192.53.104.46: 4 bytes 'LIST' 19:36:46 <12846> from User-PI (0): cmd='LIST' arg='' 19:36:46 <12846> USER-INF 'LIST' from 192.53.104.46 19:36:46 <12846> bind 10.1.1.254:0 result: 0, status: Success 19:36:46 <12846> bind succeeded,port: 0, result: 0 19:36:46 <12846> bound socket to port 3774 19:36:46 <12846> created HLS for -1=:0 19:36:46 <12846> listen: Srv-Data (fd=9) 10.1.1.254:3774 19:36:46 <12846> printf Srv-Ctrl 4=10.1.1.1: 24 bytes 'PORT 10,1,1,254,14,190' 19:36:46 <12846> TECH-INF 'PORT 10.1.1.254:3774' for 192.53.104.46 19:36:46 <12846> closed: Srv-Data -1=10.1.1.1 19:36:46 <12846> gets Srv-Ctrl 4=10.1.1.1: 28 bytes '200 PORT command successful.' 19:36:46 <12846> from Server-PI (4): '200 PORT command successful.' 19:36:46 <12846> Cli-Data: about to bind to 195.49.62.59:range(20-20) 19:36:46 <12846> bind 195.49.62.59:20 result: 0, status: Success 19:36:46 <12846> bind succeeded,port: 20, result: 0 19:36:46 <12846> bound socket to port 20 19:36:55 <12846> Cli-Data: connect failed with 'No route to host' 19:36:55 <12846> TECH-ERR can't connect Cli-Data for 192.53.104.46 (errno=113 [No route to host]) 19:36:55 <12846> printf Cli-Ctrl 0=192.53.104.46: 33 bytes '425 Can't open data connection.' 19:36:55 <12846> closed: Cli-Data -1=192.53.104.46 19:36:55 <12846> USER-INF Transfer for 192.53.104.46: '' 1 sec 19:36:55 <12846> deleting HLS Cli-Data -1=192.53.104.46:4600 19:36:55 <12846> deleting HLS Srv-Data -1=:0 19:36:55 <12846> closed: Cli-Ctrl -1=192.53.104.46 19:36:55 <12846> }}}}} ftp-child client-exit 19:36:55 <12846> deleting HLS Srv-Data -1=10.1.1.1:59671 19:36:55 <12846> deleting HLS Srv-Ctrl 4=10.1.1.1:21 19:36:55 <12846> deleting HLS Cli-Ctrl -1=192.53.104.46:4599 19:36:55 <12846> ------------- ftp-child exiting ------------- 19:36:55 <12841> client pid=12846 (192.53.104.46) gone
participants (2)
-
Alois Treindl -
Marius Tomaschewski