From owner-freebsd-net@FreeBSD.ORG Thu Nov 25 20:28:45 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A54CB16A4CE for ; Thu, 25 Nov 2004 20:28:45 +0000 (GMT) Received: from mail.net (custpop.ca.mci.com [142.77.1.111]) by mx1.FreeBSD.org (Postfix) with ESMTP id 01FE643D5A for ; Thu, 25 Nov 2004 20:28:45 +0000 (GMT) (envelope-from kfl@xiphos.ca) Received: from [24.200.150.83] (account kfl@xiphos.ca HELO [10.0.0.249]) by mail.net (CommuniGate Pro SMTP 4.2.5) with ESMTP id 29815804 for freebsd-net@freebsd.org; Thu, 25 Nov 2004 15:28:44 -0500 Message-ID: <41A64079.8040201@xiphos.ca> Date: Thu, 25 Nov 2004 15:28:41 -0500 From: Karim Fodil-Lemelin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040514 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: multipart/mixed; boundary="------------000402070104040603050701" Subject: ipl ftp proxy bugfix X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Nov 2004 20:28:45 -0000 This is a multi-part message in MIME format. --------------000402070104040603050701 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi all, I have been experiencing problems reaching some ftp servers in active mode through the ftp proxy in the ipl module. Although some ftp servers would work without problems (ex: ftp.freebsd.org). Here is how you can reproduce the current problem: /etc/ipnat.rules map sis2 192.168.0.0/16 -> 0/32 proxy port ftp ftp/tcp map sis2 192.168.0.0/16 -> 0/32 ftp to a site where the welcome message/banner (220) is larger then 80 bytes (FTP_BUFSZ/2). ftp> passive Passive mode off ftp> ls 500 Illegal PORT command. The problem is that the ftp proxy entry gets deleted when ftp_server_valid() tries to get the 220 command due to the lack of \n in the buffer (striped by len = MIN(mlen, FTP_BUFSZ / 2); in ip_ftp_pxy.c). I have attached the solution. Regards, -- Karim Fodil-Lemelin Lead Programmer Xiphos Technologies Inc. www.xiplink.com --------------000402070104040603050701 Content-Type: text/plain; name="ipl.patch" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="ipl.patch" Index: ip_ftp_pxy.c =================================================================== RCS file: /usr/xiphos/cvsroot/scps/OS_port/FreeBSD/dev/sys_49/contrib/ipfilter/netinet/ip_ftp_pxy.c,v retrieving revision 1.1 diff -u -r1.1 ip_ftp_pxy.c --- ip_ftp_pxy.c 30 Aug 2004 20:48:14 -0000 1.1 +++ ip_ftp_pxy.c 25 Nov 2004 20:03:34 -0000 @@ -818,11 +818,9 @@ } for (; i; i--) { - c = *s++; - if (c == '\n') { - ftps->ftps_cmds = cmd; - return 0; - } + c = *s++; + ftps->ftps_cmds = cmd; + return 0; } #if !defined(_KERNEL) && !defined(KERNEL) fprintf(stdout, "ippr_ftp_server_valid:junk after cmd[%s]\n", buf); --------------000402070104040603050701--