Date: Thu, 25 Nov 2004 15:28:41 -0500 From: Karim Fodil-Lemelin <kfl@xiphos.ca> To: freebsd-net@freebsd.org Subject: ipl ftp proxy bugfix Message-ID: <41A64079.8040201@xiphos.ca>
next in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
Hi all,
I have been experiencing problems reaching some ftp servers in
active mode through the ftp proxy in the ipl module. Although some ftp
servers would work without problems (ex: ftp.freebsd.org). Here is how
you can reproduce the current problem:
/etc/ipnat.rules
map sis2 192.168.0.0/16 -> 0/32 proxy port ftp ftp/tcp
map sis2 192.168.0.0/16 -> 0/32
ftp to a site where the welcome message/banner (220) is larger then 80
bytes (FTP_BUFSZ/2).
ftp> passive
Passive mode off
ftp> ls
500 Illegal PORT command.
The problem is that the ftp proxy entry gets deleted when
ftp_server_valid() tries to get the 220 command due to the lack of \n in
the buffer (striped by len = MIN(mlen, FTP_BUFSZ / 2); in ip_ftp_pxy.c).
I have attached the solution.
Regards,
--
Karim Fodil-Lemelin
Lead Programmer
Xiphos Technologies Inc.
www.xiplink.com
[-- Attachment #2 --]
Index: ip_ftp_pxy.c
===================================================================
RCS file: /usr/xiphos/cvsroot/scps/OS_port/FreeBSD/dev/sys_49/contrib/ipfilter/netinet/ip_ftp_pxy.c,v
retrieving revision 1.1
diff -u -r1.1 ip_ftp_pxy.c
--- ip_ftp_pxy.c 30 Aug 2004 20:48:14 -0000 1.1
+++ ip_ftp_pxy.c 25 Nov 2004 20:03:34 -0000
@@ -818,11 +818,9 @@
}
for (; i; i--) {
- c = *s++;
- if (c == '\n') {
- ftps->ftps_cmds = cmd;
- return 0;
- }
+ c = *s++;
+ ftps->ftps_cmds = cmd;
+ return 0;
}
#if !defined(_KERNEL) && !defined(KERNEL)
fprintf(stdout, "ippr_ftp_server_valid:junk after cmd[%s]\n", buf);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41A64079.8040201>