Home | Content | Search | Navigation | Indexes
 

Mailinglist Archive: proxy-suite (18 mails)

< Previous Next >
Re: [proxy-suite] Proxy-suite and transparent proxying on FreeBSD not working
  • From: Henrik Holmstam <turbo@xxxxxxxxxxxx>
  • Date: Fri, 30 Aug 2002 21:02:17 +0000 (UTC)
  • Message-id: <20020830225444.H11774-200000@xxxxxxxxxxxxxxxxxx>


On Fri, 30 Aug 2002, Marius Tomaschewski wrote:

> On Mon, Aug 26, 2002 at 11:04:23PM +0200, Henrik Holmstam wrote:
> > Hello all,
>
> Hi!
>
> It has worked fine on 4.4-release... I'm going to test / fix
> some stuff reported last time - perhaps I find also time to
> update FreeBSD on my test box and take a look on it as well...
>
> Have you compiled the proxy on a 4.6-STABLE as well?

Yes..

> There was some natlook ioctl number differences between
> ipfilter releases...
> You may use strace (or ptrace or trace or truss) to trace
> what fails. Or you can compile a debug version and take
> a look to /tmp/ftp-proxy.debug.
>

I compiled with --enable-debug and tried, have attached the
ftp-proxy.debug. Feel free to take a look if you have the time.

> If you are running it in a chroot, you need /dev/ipnat
> in the chroot as well.
>
> <offtopic>
> Take a look on the rc.script.in init script - it is
> SuSE like (needs /etc/rc.status), but it is easy to
> adopt it to work with FreeBSD and OpenBSD...
> Sould work, if you have a /etc/rc.status :-)
> </offtopic>
>
> > I'm having trouble getting transparent proxying working on my FreeBSD
> > 4.6-STABLE machine. Non-transparent works fine with MagicChar.
> >
> > I'm using IPFilter v3.4.27 to redirect the packets.
> >
> > ipnat.rules:
> >
> > rdr rl0 0.0.0.0/0 port 21 -> 192.168.1.1 port 2121
> >
> > (rl0 is int interface)
> >
> > ftp-proxy.conf:
> >
> > [-Global-]
> > AllowMagicUser yes
> > AllowTransProxy yes
> > DestinationTransferMode passive
> > Listen 192.168.1.1
> > LogDestination /var/log/proxy-suite/ftp-proxy.log
> > LogLevel DBG
> > Port 2121
> > ServerType standalone
> > UseMagicChar %
> >
> > turbo@sebulba:~$ ftp ftp.sunet.se
> > Connected to ftp.sunet.se.
> > 220 darkwing.home.lan FTP server (Version 1.9 - 2002/05/02 15:14:55) ready.
> > Name (ftp.sunet.se:turbo): anonymous
> > 501 Unknown destination address.
> > ftp: Login failed.
> >
> > log:
> >
> > ftp-child [22788] <08/26-22:57:02> USER-INF connect from 192.168.1.15
> > ftp-child [22788] <08/26-22:57:05> TECH-DBG no transparent proxy destination found
> > ftp-child [22788] <08/26-22:57:05> USER-ERR unknown destination address
> > ftp-child [22788] <08/26-22:57:05> USER-WRN 'SYST' without login from 192.168.1.15
> >
> > If I specify DestinationAddress to some server, it connects fine, so
> > somehow it has trouble detecting the Destination when using normal
> > transparent proxying.
> >
> > I would really like to get this working, so if anyone have any suggestions
> > I would be thankful.
> >
> > Regards,
> > Henrik Holmstam
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: proxy-suite-unsubscribe@xxxxxxxx
> > For additional commands, e-mail: proxy-suite-help@xxxxxxxx
>
> Gruesse,
> Marius Tomaschewski <mt@xxxxxxx>
> --
> SuSE Linux AG, Nürnberg - SuSE Labs, Product Developement
> PGP public key available: http://www.suse.de/~mt/mt.pgp
> Fprint: EA 1F 92 75 1A F9 82 07 A1 28 DE 7A 32 E8 97 18
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: proxy-suite-unsubscribe@xxxxxxxx
> For additional commands, e-mail: proxy-suite-help@xxxxxxxx
>
>

Regards,
Henrik Holmstam
22:48:29 <47225> server signal 15
22:48:29 <47225> }}}}} ftp-proxy daemon-exit
22:48:29 <47225> free 0x8067040 (com-syslog.c:657)
22:48:29 <47225> config_cleanup
22:48:29 <47225> free 0x8064050 (com-config.c:124)
22:48:29 <47225> free 0x8064060 (com-config.c:126)
22:48:29 <47225> free 0x8064040 (com-config.c:127)
22:48:29 <47225> free 0x8064080 (com-config.c:124)
22:48:29 <47225> free 0x8064090 (com-config.c:126)
22:48:29 <47225> free 0x8064070 (com-config.c:127)
22:48:29 <47225> free 0x8063060 (com-config.c:124)
22:48:29 <47225> free 0x80640b0 (com-config.c:126)
22:48:29 <47225> free 0x80640a0 (com-config.c:127)
22:48:29 <47225> free 0x80640d0 (com-config.c:124)
22:48:29 <47225> free 0x80640e0 (com-config.c:126)
22:48:29 <47225> free 0x80640c0 (com-config.c:127)
22:48:29 <47225> free 0x8064100 (com-config.c:124)
22:48:29 <47225> free 0x8067000 (com-config.c:126)
22:48:29 <47225> free 0x80640f0 (com-config.c:127)
22:48:29 <47225> free 0x8064120 (com-config.c:124)
22:48:29 <47225> free 0x8064130 (com-config.c:126)
22:48:29 <47225> free 0x8064110 (com-config.c:127)
22:48:29 <47225> free 0x8064150 (com-config.c:124)
22:48:29 <47225> free 0x8064160 (com-config.c:126)
22:48:29 <47225> free 0x8064140 (com-config.c:127)
22:48:29 <47225> free 0x8064180 (com-config.c:124)
22:48:29 <47225> free 0x8064190 (com-config.c:126)
22:48:29 <47225> free 0x8064170 (com-config.c:127)
22:48:29 <47225> free 0x80641b0 (com-config.c:124)
22:48:29 <47225> free 0x80641c0 (com-config.c:126)
22:48:29 <47225> free 0x80641a0 (com-config.c:127)
22:48:29 <47225> free 0x8064030 (com-config.c:131)
22:48:29 <47225> ------------- ftp-proxy exiting -------------
22:49:04 <47247> ############# ftp-proxy startup #############
22:49:04 <47247> alloc 12 (com-config.c:268): 0x8064030
22:49:04 <47247> config_line: '[-Global-]'
22:49:04 <47247> config_line: 'AllowMagicUser yes'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x8064040
22:49:04 <47247> alloc 15 (com-config.c:378): 0x8064050
22:49:04 <47247> alloc 4 (com-config.c:379): 0x8064060
22:49:04 <47247> config_line: 'AllowTransProxy yes'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x8064070
22:49:04 <47247> alloc 16 (com-config.c:378): 0x8064080
22:49:04 <47247> alloc 4 (com-config.c:379): 0x8064090
22:49:04 <47247> config_line: 'DestinationTransferMode passive'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x80640a0
22:49:04 <47247> alloc 24 (com-config.c:378): 0x8063060
22:49:04 <47247> alloc 8 (com-config.c:379): 0x80640b0
22:49:04 <47247> config_line: 'Listen 192.168.1.1'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x80640c0
22:49:04 <47247> alloc 7 (com-config.c:378): 0x80640d0
22:49:04 <47247> alloc 12 (com-config.c:379): 0x80640e0
22:49:04 <47247> config_line: 'LogDestination /var/log/proxy-suite/ftp-proxy.log'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x80640f0
22:49:04 <47247> alloc 15 (com-config.c:378): 0x8064100
22:49:04 <47247> alloc 35 (com-config.c:379): 0x8067000
22:49:04 <47247> config_line: 'LogLevel DBG'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x8064110
22:49:04 <47247> alloc 9 (com-config.c:378): 0x8064120
22:49:04 <47247> alloc 4 (com-config.c:379): 0x8064130
22:49:04 <47247> config_line: 'Port 2121'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x8064140
22:49:04 <47247> alloc 5 (com-config.c:378): 0x8064150
22:49:04 <47247> alloc 5 (com-config.c:379): 0x8064160
22:49:04 <47247> config_line: 'ServerType standalone'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x8064170
22:49:04 <47247> alloc 11 (com-config.c:378): 0x8064180
22:49:04 <47247> alloc 11 (com-config.c:379): 0x8064190
22:49:04 <47247> config_line: 'UseMagicChar %'
22:49:04 <47247> alloc 12 (com-config.c:377): 0x80641a0
22:49:04 <47247> alloc 13 (com-config.c:378): 0x80641b0
22:49:04 <47247> alloc 2 (com-config.c:379): 0x80641c0
22:49:04 <47247> TECH-INF Config-File: '/usr/local/etc/proxy-suite/ftp-proxy.conf'
22:49:04 <47247> TECH-INF Config-Section ------ '(-global-)'
22:49:04 <47247> TECH-INF Config: AllowMagicUser = 'yes'
22:49:04 <47247> TECH-INF Config: AllowTransProxy = 'yes'
22:49:04 <47247> TECH-INF Config: DestinationTransferMode = 'passive'
22:49:04 <47247> TECH-INF Config: Listen = '192.168.1.1'
22:49:04 <47247> TECH-INF Config: LogDestination = '/var/log/proxy-suite/ftp-proxy.log'
22:49:04 <47247> TECH-INF Config: LogLevel = 'DBG'
22:49:04 <47247> TECH-INF Config: Port = '2121'
22:49:04 <47247> TECH-INF Config: ServerType = 'standalone'
22:49:04 <47247> TECH-INF Config: UseMagicChar = '%'
22:49:04 <47247> config_str: s='(nil)' n='DestinationAddress' d='(nil)'
22:49:04 <47247> config_bool: s='(nil)' n='AllowTransProxy' d=0
22:49:04 <47247> config_bool: result=1
22:49:04 <47247> config_str: s='(nil)' n='ServerType' d='inetd'
22:49:04 <47247> config_str: result='standalone'
22:49:04 <47247> {{{{{ ftp-proxy daemon-start
22:49:04 <47248> fork: PID 47247 --> 47248
22:49:04 <47248> config_addr: s='(nil)' n='Listen' d='0.0.0.0'
22:49:04 <47248> str2addr: in='192.168.1.1'
22:49:04 <47248> config_addr: result='192.168.1.1'
22:49:04 <47248> config_port: s='(nil)' n='Port' d=21
22:49:04 <47248> config_port: result=2121
22:49:04 <47248> config_int: s='(nil)' n='MaxRecvBufSize' d=0
22:49:04 <47248> about to listen: 192.168.1.1:2121
22:49:04 <47248> config_str: s='(nil)' n='PidFile' d='(nil)'
22:49:04 <47248> config_str: s='(nil)' n='ServerRoot' d='(nil)'
22:49:04 <47248> uid-gid desired: uid=-1 gid=-1
22:49:04 <47248> config_str: s='(nil)' n='Group' d='(nil)'
22:49:04 <47248> config_str: s='(nil)' n='User' d='(nil)'
22:49:04 <47248> uid-gid adopted: uid=0 gid=0
22:49:04 <47248> config_str: s='(nil)' n='LogDestination' d='(nil)'
22:49:04 <47248> config_str: result='/var/log/proxy-suite/ftp-proxy.log'
22:49:04 <47248> config_str: s='(nil)' n='LogLevel' d='(nil)'
22:49:04 <47248> config_str: result='DBG'
22:49:04 <47248> alloc 35 (com-syslog.c:315): 0x8067040
22:49:04 <47248> config_str: s='(nil)' n='ServerRoot' d='/'
22:49:04 <47248> TECH-DBG daemon runs in '/' with uid=0 gid=0
22:49:04 <47247> config_cleanup
22:49:04 <47247> free 0x8064050 (com-config.c:124)
22:49:04 <47247> free 0x8064060 (com-config.c:126)
22:49:04 <47247> free 0x8064040 (com-config.c:127)
22:49:04 <47247> free 0x8064080 (com-config.c:124)
22:49:04 <47247> free 0x8064090 (com-config.c:126)
22:49:04 <47247> free 0x8064070 (com-config.c:127)
22:49:04 <47247> free 0x8063060 (com-config.c:124)
22:49:04 <47247> free 0x80640b0 (com-config.c:126)
22:49:04 <47247> free 0x80640a0 (com-config.c:127)
22:49:04 <47247> free 0x80640d0 (com-config.c:124)
22:49:04 <47247> free 0x80640e0 (com-config.c:126)
22:49:04 <47247> free 0x80640c0 (com-config.c:127)
22:49:04 <47247> free 0x8064100 (com-config.c:124)
22:49:04 <47247> free 0x8067000 (com-config.c:126)
22:49:04 <47247> free 0x80640f0 (com-config.c:127)
22:49:04 <47247> free 0x8064120 (com-config.c:124)
22:49:04 <47247> free 0x8064130 (com-config.c:126)
22:49:04 <47247> free 0x8064110 (com-config.c:127)
22:49:04 <47247> free 0x8064150 (com-config.c:124)
22:49:04 <47247> free 0x8064160 (com-config.c:126)
22:49:04 <47247> free 0x8064140 (com-config.c:127)
22:49:04 <47247> free 0x8064180 (com-config.c:124)
22:49:04 <47247> free 0x8064190 (com-config.c:126)
22:49:04 <47247> free 0x8064170 (com-config.c:127)
22:49:04 <47247> free 0x80641b0 (com-config.c:124)
22:49:04 <47247> free 0x80641c0 (com-config.c:126)
22:49:04 <47247> free 0x80641a0 (com-config.c:127)
22:49:04 <47247> free 0x8064030 (com-config.c:131)
22:49:04 <47247> ------------- ftp-proxy exiting -------------
22:49:18 <47248> accepted 5=192.168.1.15 on 192.168.1.1
22:49:18 <47248> config_bool: s='(nil)' n='TCPWrapper' d=0
22:49:18 <47248> config_int: s='(nil)' n='ForkLimit' d=40
22:49:18 <47248> config_int: s='(nil)' n='MaxClients' d=512
22:49:18 <47248> client pid=47255 (192.168.1.15) added
22:49:18 <47255> {{{{{ ftp-child client-fork
22:49:18 <47255> config_int: s='(nil)' n='TimeOut' d=900
22:49:18 <47255> config_str: s='(nil)' n='DenyMessage' d='(nil)'
22:49:18 <47255> alloc 84 (com-socket.c:401): 0x8068000
22:49:18 <47255> created HLS for 0=192.168.1.15:2428
22:49:18 <47255> USER-INF connect from 192.168.1.15
22:49:18 <47255> config_str: s='(nil)' n='WelcomeString' d='(nil)'
22:49:18 <47255> config_str: s='(nil)' n='WelcomeMessage' d='(nil)'
22:49:18 <47255> printf Cli-Ctrl 0=192.168.1.15: 78 bytes '220 darkwing.home.lan FTP server (Version 1.9 - 2002/05/02 15:14:55) ready.'
22:49:18 <47255> alloc 102 (com-socket.c:791): 0x8068080
22:49:18 <47255> FD_SET Cli-Ctrl for W
22:49:18 <47255> FD_SET Cli-Ctrl for R
22:49:18 <47255> ll_write Cli-Ctrl 0=192.168.1.15: sent 78 bytes
22:49:18 <47255> free 0x8068080 (com-socket.c:1225)
22:49:18 <47255> ll_write Cli-Ctrl 0=192.168.1.15: 78/78 bytes
22:49:18 <47255> client-loop ...
22:49:18 <47255> FD_SET Cli-Ctrl for R
22:49:20 <47255> ll_read: FIONREAD reported 16 bytes for Cli-Ctrl 0=192.168.1.15
22:49:20 <47255> alloc 40 (com-socket.c:1103): 0x8067080
22:49:20 <47255> ll_read Cli-Ctrl 0=192.168.1.15: 16/16 bytes
22:49:20 <47255> client-loop ...
22:49:20 <47255> free 0x8067080 (com-socket.c:636)
22:49:20 <47255> gets Cli-Ctrl 0=192.168.1.15: 14 bytes 'USER anonymous'
22:49:20 <47255> from User-PI (0): cmd='USER' arg='anonymous'
22:49:20 <47255> config_str: s='(nil)' n='ValidCommands' d='(nil)'
22:49:20 <47255> allowed: '(all)'
22:49:20 <47255> config_bool: s='(nil)' n='AllowTransProxy' d=0
22:49:20 <47255> config_bool: result=1
22:49:20 <47255> TECH-DBG no transparent proxy destination found
22:49:20 <47255> config_str: s='(nil)' n='UserAuthType' d='(nil)'
22:49:20 <47255> config_bool: s='(nil)' n='AllowMagicUser' d=0
22:49:20 <47255> config_bool: result=1
22:49:20 <47255> config_str: s='(nil)' n='UseMagicChar' d='@'
22:49:20 <47255> config_str: result='%'
22:49:20 <47255> config_str: s='(nil)' n='DestinationAddress' d='(nil)'
22:49:20 <47255> USER-ERR unknown destination address
22:49:20 <47255> printf Cli-Ctrl 0=192.168.1.15: 34 bytes '501 Unknown destination address.'
22:49:20 <47255> alloc 58 (com-socket.c:791): 0x8067080
22:49:20 <47255> FD_SET Cli-Ctrl for W
22:49:20 <47255> FD_SET Cli-Ctrl for R
22:49:20 <47255> ll_write Cli-Ctrl 0=192.168.1.15: sent 34 bytes
22:49:20 <47255> free 0x8067080 (com-socket.c:1225)
22:49:20 <47255> ll_write Cli-Ctrl 0=192.168.1.15: 34/112 bytes
22:49:20 <47255> client-loop ...
22:49:20 <47255> FD_SET Cli-Ctrl for R
22:49:20 <47255> ll_read: FIONREAD reported 6 bytes for Cli-Ctrl 0=192.168.1.15
22:49:20 <47255> alloc 30 (com-socket.c:1103): 0x80630c0
22:49:20 <47255> ll_read Cli-Ctrl 0=192.168.1.15: 6/22 bytes
22:49:20 <47255> client-loop ...
22:49:20 <47255> free 0x80630c0 (com-socket.c:636)
22:49:20 <47255> gets Cli-Ctrl 0=192.168.1.15: 4 bytes 'SYST'
22:49:20 <47255> from User-PI (0): cmd='SYST' arg=''
22:49:20 <47255> printf Cli-Ctrl 0=192.168.1.15: 20 bytes '530 Not logged in.'
22:49:20 <47255> alloc 44 (com-socket.c:791): 0x8067080
22:49:20 <47255> USER-WRN 'SYST' without login from 192.168.1.15
22:49:20 <47255> FD_SET Cli-Ctrl for W
22:49:20 <47255> FD_SET Cli-Ctrl for R
22:49:20 <47255> ll_write Cli-Ctrl 0=192.168.1.15: sent 20 bytes
22:49:20 <47255> free 0x8067080 (com-socket.c:1225)
22:49:20 <47255> ll_write Cli-Ctrl 0=192.168.1.15: 20/132 bytes
22:49:20 <47255> client-loop ...
22:49:20 <47255> FD_SET Cli-Ctrl for R
22:49:24 <47255> ll_read: FIONREAD reported 6 bytes for Cli-Ctrl 0=192.168.1.15
22:49:24 <47255> alloc 30 (com-socket.c:1103): 0x80630c0
22:49:24 <47255> ll_read Cli-Ctrl 0=192.168.1.15: 6/28 bytes
22:49:24 <47255> client-loop ...
22:49:24 <47255> free 0x80630c0 (com-socket.c:636)
22:49:24 <47255> gets Cli-Ctrl 0=192.168.1.15: 4 bytes 'QUIT'
22:49:24 <47255> from User-PI (0): cmd='QUIT' arg=''
22:49:24 <47255> printf Cli-Ctrl 0=192.168.1.15: 14 bytes '221 Goodbye.'
22:49:24 <47255> alloc 38 (com-socket.c:791): 0x8067080
22:49:24 <47255> USER-INF 'QUIT' from 192.168.1.15
22:49:24 <47255> FD_SET Cli-Ctrl for W
22:49:24 <47255> FD_SET Cli-Ctrl for R
22:49:24 <47255> ll_write Cli-Ctrl 0=192.168.1.15: sent 14 bytes
22:49:24 <47255> free 0x8067080 (com-socket.c:1225)
22:49:24 <47255> ll_write Cli-Ctrl 0=192.168.1.15: 14/146 bytes
22:49:24 <47255> client-loop ...
22:49:24 <47255> USER-INF closing connect from 192.168.1.15 after 6 secs - read 0/0, sent 0/0 byte/sec
22:49:24 <47255> }}}}} ftp-child client-exit
22:49:24 <47255> free 0x8067040 (com-syslog.c:657)
22:49:24 <47255> deleting HLS Cli-Ctrl -1=192.168.1.15:2428
22:49:24 <47255> free 0x8068000 (com-socket.c:552)
22:49:24 <47255> config_cleanup
22:49:24 <47255> free 0x8064050 (com-config.c:124)
22:49:24 <47255> free 0x8064060 (com-config.c:126)
22:49:24 <47255> free 0x8064040 (com-config.c:127)
22:49:24 <47255> free 0x8064080 (com-config.c:124)
22:49:24 <47255> free 0x8064090 (com-config.c:126)
22:49:24 <47255> free 0x8064070 (com-config.c:127)
22:49:24 <47255> free 0x8063060 (com-config.c:124)
22:49:24 <47255> free 0x80640b0 (com-config.c:126)
22:49:24 <47255> free 0x80640a0 (com-config.c:127)
22:49:24 <47255> free 0x80640d0 (com-config.c:124)
22:49:24 <47255> free 0x80640e0 (com-config.c:126)
22:49:24 <47255> free 0x80640c0 (com-config.c:127)
22:49:24 <47255> free 0x8064100 (com-config.c:124)
22:49:24 <47255> free 0x8067000 (com-config.c:126)
22:49:24 <47255> free 0x80640f0 (com-config.c:127)
22:49:24 <47255> free 0x8064120 (com-config.c:124)
22:49:24 <47255> free 0x8064130 (com-config.c:126)
22:49:24 <47255> free 0x8064110 (com-config.c:127)
22:49:24 <47255> free 0x8064150 (com-config.c:124)
22:49:24 <47255> free 0x8064160 (com-config.c:126)
22:49:24 <47255> free 0x8064140 (com-config.c:127)
22:49:24 <47255> free 0x8064180 (com-config.c:124)
22:49:24 <47255> free 0x8064190 (com-config.c:126)
22:49:24 <47255> free 0x8064170 (com-config.c:127)
22:49:24 <47255> free 0x80641b0 (com-config.c:124)
22:49:24 <47255> free 0x80641c0 (com-config.c:126)
22:49:24 <47255> free 0x80641a0 (com-config.c:127)
22:49:24 <47255> free 0x8064030 (com-config.c:131)
22:49:24 <47255> ------------- ftp-child exiting -------------
22:49:24 <47248> client pid=47255 (192.168.1.15) gone
22:50:24 <47248> select: timeout (1030740624)
22:51:24 <47248> select: timeout (1030740684)
22:52:24 <47248> select: timeout (1030740744)
22:53:24 <47248> select: timeout (1030740804)
22:54:24 <47248> select: timeout (1030740864)
22:55:24 <47248> select: timeout (1030740924)
22:56:24 <47248> select: timeout (1030740984)
22:57:24 <47248> select: timeout (1030741044)
22:58:24 <47248> select: timeout (1030741104)
22:59:24 <47248> select: timeout (1030741164)
23:00:24 <47248> select: timeout (1030741224)
23:01:24 <47248> select: timeout (1030741284)
< Previous Next >
References