Hi!
The proxy-suite-1.9.tar.gz archive is avaliable on
ftp://ftp.suse.com/pub/projects/proxy-suite/src/
and its mirror sites, i.e. ftp://ftp.gwdg.de in
/pub/linux/suse/ftp.suse.com/projects/proxy-suite/src/
* 1.9 - released 2002-05-02
-----------------------------------
- implemented user authentication - currently ldap based only
- updated documentation, merged with v1.8.2.2 fixes
Kind regards,
Marius Tomaschewski <mt(a)suse.de>
--
SuSE Linux AG, Nürnberg - SuSE Labs, Product Developement
PGP public key available: http://www.suse.de/~mt/mt.pgp
Fprint: EA 1F 92 75 1A F9 82 07 A1 28 DE 7A 32 E8 97 18
Hi,
I am using proxy-suite-1.7.tp8-6 on SuSE 7.1 kernel 2.2.19 along with
SuSEfirewall version 5.1 with public services www and ftp are
served on a separate network in DMZ with private IP
eth0=192.168.1.0/29 LOCAL network
eth1=REALIP/32
eth2=192.168.2.0/29 DMZ
FW_SERVICES_EXTERNAL_TCP="21 22"
FW_ALLOW_INCOMING_HIGHPORTS_TCP="no"
FW_REDIRECT_TCP="192.168.1.0/29,0/0,21,21"
So far everything works for the outgoing and incoming ftp traffic. It is
only the logs that make me think if there are things I can improve.
The question is how can I make the proxy pass the client ip ( in this
case 217.xxx.xx.xx to vsftp so vsftpd.log will show the proper client ip
not the ip of the firewall box connected to DMZ
proxy-suite is running with choot managed by compartment
Here is the ftp-proxy.conf
[-Global-]
UseMagicChar %
AllowMagicUser yes
AllowTransProxy yes
DestinationAddress 192.168.2.2
DestinationTransferMode passive
LogDestination daemon
MaxClients 32
MaxClientsString The server is full try later
PortResetsPasv yes
ServerType standalone
WelcomeMessage /etc/proxy-suite/ftp-welcome.txt
WelcomeString Have fun
Here is what the ftp-proxy logs
USER-INF connect from 217.xxx.xx.xx
USER-WRN requested transparent proxy dest REALIP is local
USER-INF 'USER anonymous' from 217.xxx.xx.xx
USER-INF reading data for 'anonymous' from cfg-file
USER-INF 'PASS XXXX' from 217.xxx.xx.xx
USER-INF 'mkd /pub/115548309' from 217.xxx.xx.xx
USER-INF 'mkd /incoming/115548309' from 217.xxx.xx.xx
USER-INF 'mkd /_vti_pvt/115548309' from 217.xxx.xx.xx
USER-INF 'mkd /public/115548309' from 217.xxx.xx.xx
USER-INF 'mkd /pub/incoming/115548309' from 217.xxx.xx.xx
USER-INF 'mkd /115548309' from 217.xxx.xx.xx
USER-INF 'mkd /tmp/115548309' from 217.xxx.xx.xx
USER-INF 'mkd /_private/115548309' from 217.xxx.xx.xx
USER-INF 'mkd /cgi-bin/ /115548309' from 217.xxx.xx.xx
USER-INF 'mkd /_vti_cnf/115548309' from 217.xxx.xx.xx
USER-INF 'mkd /_vti_txt/115548309' from 217.xxx.xx.xx
Here is what the vsftpd.log shows
[ftp] OK LOGIN: Client "192.168.2.1", anon password "anonymous"
Thanks in advance
--
Togan Muftuoglu
Unofficial SuSE FAQ Maintainer
http://dinamizm.ath.cx