Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 25 Nov 2004 15:28:41 -0500
From:      Karim Fodil-Lemelin <kfl@xiphos.ca>
To:        freebsd-net@freebsd.org
Subject:   ipl ftp proxy bugfix
Message-ID:  <41A64079.8040201@xiphos.ca>
next in thread | raw e-mail | index | archive | help 
This is a multi-part message in MIME format.
--------------000402070104040603050701
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Hi all,

    I have been experiencing problems reaching some ftp servers in 
active mode through the ftp proxy in the ipl module. Although some ftp 
servers would work without problems (ex: ftp.freebsd.org). Here is how 
you can reproduce the current problem:

/etc/ipnat.rules
map sis2 192.168.0.0/16 -> 0/32 proxy port ftp ftp/tcp
map sis2 192.168.0.0/16 -> 0/32

ftp to a site where the welcome message/banner (220) is larger then 80 
bytes (FTP_BUFSZ/2).

ftp> passive
Passive mode off
ftp> ls
500 Illegal PORT command.

The problem is that the ftp proxy entry gets deleted when 
ftp_server_valid() tries to get the 220 command due to the lack of \n in 
the buffer (striped by len = MIN(mlen, FTP_BUFSZ / 2); in ip_ftp_pxy.c). 
I have attached the solution.

Regards,

-- 
Karim Fodil-Lemelin
Lead Programmer

Xiphos Technologies Inc.
www.xiplink.com


--------------000402070104040603050701
Content-Type: text/plain;
 name="ipl.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="ipl.patch"

Index: ip_ftp_pxy.c
===================================================================
RCS file: /usr/xiphos/cvsroot/scps/OS_port/FreeBSD/dev/sys_49/contrib/ipfilter/netinet/ip_ftp_pxy.c,v
retrieving revision 1.1
diff -u -r1.1 ip_ftp_pxy.c
--- ip_ftp_pxy.c	30 Aug 2004 20:48:14 -0000	1.1
+++ ip_ftp_pxy.c	25 Nov 2004 20:03:34 -0000
@@ -818,11 +818,9 @@
 	}
 
 	for (; i; i--) {
-		c = *s++;
-		if (c == '\n') {
-			ftps->ftps_cmds = cmd;
-			return 0;
-		}
+		c = *s++;	    
+		ftps->ftps_cmds = cmd;
+		return 0;
 	}
 #if !defined(_KERNEL) && !defined(KERNEL)
 	fprintf(stdout, "ippr_ftp_server_valid:junk after cmd[%s]\n", buf);

--------------000402070104040603050701--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41A64079.8040201>