https://bugzilla.novell.com/show_bug.cgi?id=779080 https://bugzilla.novell.com/show_bug.cgi?id=779080#c0 Summary: [Proxy-suite] ftp-proxy doesn't work Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: 64bit OS/Version: openSUSE 12.1 Status: NEW Severity: Major Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: paolo.tezza@sys-tema.it QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0 Hi all, I've configured ftp-proxy like transparent proxy, and it doesn't work... it keep the FTP packet in local and not forward them to remote FTP server. It doesn't work with Opensuse 12.1 and 12.2 both 32 and 64 bit (same config in debian works) Everythings works well but ftp-proxy I can use the Server to NAT all client to surf the web, but not to proxy FTP connection Here some detailed information: - OpenSuse 12.1 - Proxy-suite Version 1.9.2.4 - little Iptables configuration #!/bin/bash LAN_IF="eth1" WORLD_IF="eth0" BAD_IP="95.242.xx.xx" echo "1" > /proc/sys/net/ipv4/ip_forward /sbin/modprobe ip_conntrack_ftp /sbin/modprobe ip_nat_ftp IPTB=/usr/sbin/iptables $IPTB -F $IPTB -t nat -F $IPTB -t nat -A PREROUTING -p tcp -i $LAN_IF --dport 21 -j REDIRECT --to 21 $IPTB -t nat -A POSTROUTING -o $WORLD_IF -j SNAT --to-source $BAD_IP #EOF - Configuration of ftp-proxy Config-File: '/etc/proxy-suite/ftp-proxy.conf' Config-Section ------ '(-global-)' Config: AllowTransProxy = 'yes' Config: LogDestination = '/var/log/ftp-proxy.log' Config: LogLevel = 'DBG' Config: ServerType = 'standalone' When I try to connect with the client the /var/log/ftp-proxy.log show something like ftp-proxy [6023] <08/17-09:04:34> TECH-DBG daemon runs in '/' with uid=0 gid=0 ftp-child [6026] <08/17-09:04:53> USER-INF connect from 192.168.88.22 ftp-child [6026] <08/17-09:04:53> TECH-DBG socket name address is 192.168.88.60:21 ftp-child [6026] <08/17-09:04:53> TECH-DBG ipchains transparent destination: 192.168.88.60:21 ftp-child [6026] <08/17-09:04:53> TECH-DBG requested transparent destination 192.168.88.60 is local ftp-child [6026] <08/17-09:04:53> USER-ERR unknown destination address ftp-child [6026] <08/17-09:04:53> USER-INF closing connect from 192.168.88.22 after 0 secs - read 0/0, sent 0/0 byte/sec ftp-child [6027] <08/17-09:04:53> USER-INF connect from 192.168.88.22 ftp-child [6027] <08/17-09:04:55> TECH-DBG socket name address is 192.168.88.60:21 ftp-child [6027] <08/17-09:04:55> TECH-DBG ipchains transparent destination: 192.168.88.60:21 ftp-child [6027] <08/17-09:04:55> TECH-DBG requested transparent destination 192.168.88.60 is local ftp-child [6027] <08/17-09:04:55> USER-ERR unknown destination address ftp-child [6027] <08/17-09:04:57> USER-INF closing connect from 192.168.88.22 after 4 secs - read 0/0, sent 0/0 byte/sec ftp-child [6132] <08/17-09:19:28> USER-INF connect from 192.168.88.22 ftp-child [6132] <08/17-09:19:32> TECH-DBG socket name address is 192.168.88.60:21 ftp-child [6132] <08/17-09:19:32> TECH-DBG ipchains transparent destination: 192.168.88.60:21 ftp-child [6132] <08/17-09:19:32> TECH-DBG requested transparent destination 192.168.88.60 is local ftp-child [6132] <08/17-09:19:32> USER-ERR unknown destination address ftp-child [6132] <08/17-09:19:32> USER-WRN 'SYST' without login from 192.168.88.22 ftp-child [6132] <08/17-09:19:36> USER-INF 'QUIT' from 192.168.88.22 ftp-child [6132] <08/17-09:19:36> USER-INF closing connect from 192.168.88.22 after 8 secs - read 0/0, sent 0/0 byte/sec Reproducible: Always Steps to Reproduce: 1.Clean install of OpenSuse 2.Configure repository server:proxy, install proxy-suite 3.set minimal configuration between iptables and ftp-proxy 4.Try to connect from client Actual Results: FTP packets won't be forwarded to external nic (tcpdump and remote server confirm that nothing leave the local proxy server) Expected Results: Let FTP packets go away I tried ftp-proxy, frox and ftp.proxy with the same result. I tried kernel desktop and default (server) with the same result. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.