Date: Thu, 17 Aug 2000 22:20:11 -0700 From: Rudy R <rudybulk@monkeybrains.net> To: freebsd-stable@FreeBSD.ORG Subject: ftpd problems... Message-ID: <399CC78B.A99D84F0@monkeybrains.net>
next in thread | raw e-mail | index | archive | help
Help! I'm been testing all day and am stuck!@#$!
I've been having trouble with FTP. Specifically, I cannot seem to get
ftp to work on a non primary IP on port 20.
(Here is a side question: why does ftpd always reply on the hosts
primary IP? If I start a control connection on
an aliased IP, ftpd (in active mode) trys to connect back to the client
from the hosts primary IP and not the aliased IP.)
I set up inetd to launch ftp from both port 21 and 551:
cybercash stream tcp nowait root /usr/libexec/ftpd ftpd
-l
ftp stream tcp nowait root /usr/libexec/ftpd ftpd
-l
Here is my ifconfig:
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 216.231.58.3 netmask 0xffffff00 broadcast 216.231.58.255
inet 216.231.58.8 netmask 0xffffff00 broadcast 216.231.58.255
I can ftp to 216.231.58.8,551 and 216.231.58.3,20; however, when I ftp
to 216.231.58.8,20 the control channel works fine, but the data channel
does not connect. What follows is my three FTP sessions and a tcpdump
on the client. (both boxes are FreeBSD 4.1):
> ftp -v 216.231.58.7 551
Connected to 216.231.58.7.
220 po.monkeybrains.net FTP server (Version 6.00LS) ready.
Name (216.231.58.7:rudy): test1
331 Password required for test1.
Password:
230 User test1 logged in, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pass
Passive mode off.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for '/bin/ls'.
total 10
-rw-r--r-- 1 1038 1038 20 Aug 18 03:43 test.txt
226 Transfer complete.
ftp> quit
> ftp -v 216.231.58.7 21
Connected to 216.231.58.7.
220 po.monkeybrains.net FTP server (Version 6.00LS) ready.
Name (216.231.58.7:rudy): test1
331 Password required for test1.
Password:
230 User test1 logged in, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pass
Passive mode off.
ftp> ls
200 PORT command successful.
425 Can't build data connection: Operation timed out.
ftp> close
221 Goodbye.
ftp> exit
> ftp -v 216.231.58.3 21
Connected to 216.231.58.3.
220 po.monkeybrains.net FTP server (Version 6.00LS) ready.
Name (216.231.58.3:rudy): test1
331 Password required for test1.
Password:
230 User test1 logged in, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pass
Passive mode off.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for '/bin/ls'.
total 10
-rw-r--r-- 1 1038 1038 20 Aug 18 03:43 test.txt
226 Transfer complete.
Here are the tcp dumps for the above 3 sessions (in the same order):
(root@dipsy) 105> tcpdump -n | grep 216.231
tcpdump: listening on fxp0
21:56:06.809819 216.231.57.142.1171 > 216.231.58.7.551: . ack 1528415386
win 17520
21:56:06.873422 216.231.58.7.551 > 216.231.57.142.1171: . ack 1 win
17520 (DF) [tos 0x10]
21:56:18.581157 216.231.57.142.1171 > 216.231.58.7.551: P 1:29(28) ack 1
win 17520 (DF) [tos 0x10]
21:56:18.671255 216.231.58.7.551 > 216.231.57.142.1171: P 1:31(30) ack
29 win 17520 (DF) [tos 0x10]
21:56:18.671788 216.231.57.142.1171 > 216.231.58.7.551: P 29:35(6) ack
31 win 17520 (DF) [tos 0x10]
21:56:18.810416 216.231.58.3.20 > 216.231.57.142.49189: S
1539921608:1539921608(0) win 16384 <mss 1460> (DF) [tos 0x8]
21:56:18.810650 216.231.57.142.49189 > 216.231.58.3.20: S
365894139:365894139(0) ack 1539921609 win 17520 <mss 1460> (DF)
21:56:18.850853 216.231.58.7.551 > 216.231.57.142.1171: . ack 35 win
17520 (DF) [tos 0x10]
21:56:18.886968 216.231.58.3.20 > 216.231.57.142.49189: . ack 1 win
17520 (DF) [tos 0x8]
21:56:18.898075 216.231.58.7.551 > 216.231.57.142.1171: P 31:86(55) ack
35 win 17520 (DF) [tos 0x10]
21:56:18.903209 216.231.58.7.551 > 216.231.57.142.1171: P 86:110(24) ack
35 win 17520 (DF) [tos 0x10]
21:56:18.965020 216.231.58.3.20 > 216.231.57.142.49189: FP 1:542(541)
ack 1 win 17520 (DF) [tos 0x8]
21:56:18.965491 216.231.57.142.49189 > 216.231.58.3.20: . ack 543 win
16979 (DF) [tos 0x8]
21:56:18.968597 216.231.57.142.49189 > 216.231.58.3.20: F 1:1(0) ack 543
win 17520 (DF) [tos 0x8]
21:56:18.999854 216.231.57.142.1171 > 216.231.58.7.551: . ack 110 win
17520 (DF) [tos 0x10]
21:56:19.043574 216.231.58.3.20 > 216.231.57.142.49189: . ack 2 win
17520 (DF) [tos 0x8]
^C
THIS IS THE FAILED FTP
21:57:43.321034 216.231.57.142.1172 > 216.231.58.7.21: P
375941473:375941502(29) ack 1550170715 win 17520 (DF) [tos 0x10]
21:57:43.393709 216.231.58.7.21 > 216.231.57.142.1172: P 1:31(30) ack 29
win 17520 (DF) [tos 0x10]
21:57:43.394261 216.231.57.142.1172 > 216.231.58.7.21: P 29:35(6) ack 31
win 17520 (DF) [tos 0x10]
21:57:43.460894 216.231.58.3.20 > 216.231.57.142.50377: S
1556264452:1556264452(0) win 16384 <mss 1460> (DF) [tos 0x8]
21:57:43.554720 216.231.58.7.21 > 216.231.57.142.1172: . ack 35 win
17520 (DF) [tos 0x10]
21:57:46.454092 216.231.58.3.20 > 216.231.57.142.50377: S
1556264452:1556264452(0) win 16384 <mss 1460> (DF) [tos 0x8]
21:57:52.455372 216.231.58.3.20 > 216.231.57.142.50377: S
1556264452:1556264452(0) win 16384 <mss 1460> (DF) [tos 0x8]
21:58:04.455913 216.231.58.3.20 > 216.231.57.142.50377: S
1556264452:1556264452(0) win 16384 <mss 1460> (DF) [tos 0x8]
21:58:13.551107 216.231.57.142.1172 > 216.231.58.7.21: . ack 31 win
17520
21:58:13.613785 216.231.58.7.21 > 216.231.57.142.1172: . ack 35 win
17520 (DF) [tos 0x10]
21:58:28.457512 216.231.58.3.20 > 216.231.57.142.50377: S
1556264452:1556264452(0) win 16384 <mss 1460> (DF) [tos 0x8]
21:58:43.611446 216.231.57.142.1172 > 216.231.58.7.21: . ack 31 win
17520
21:58:43.673668 216.231.58.7.21 > 216.231.57.142.1172: . ack 35 win
17520 (DF) [tos 0x10]
^C
tcpdump: listening on fxp0
22:03:12.579250 216.231.57.142.1173 > 216.231.58.3.21: P
441061947:441061976(29) ack 1615458157 win 17520 (DF) [tos 0x10]
22:03:12.667789 216.231.58.3.21 > 216.231.57.142.1173: P 1:31(30) ack 29
win 17520 (DF) [tos 0x10]
22:03:12.668348 216.231.57.142.1173 > 216.231.58.3.21: P 29:35(6) ack 31
win 17520 (DF) [tos 0x10]
22:03:12.735537 216.231.58.3.20 > 216.231.57.142.34714: S
1619204024:1619204024(0) win 16384 <mss 1460> (DF) [tos 0x8]
22:03:12.735785 216.231.57.142.34714 > 216.231.58.3.20: S
444497739:444497739(0) ack 1619204025 win 17520 <mss 1460> (DF)
22:03:12.799303 216.231.58.3.20 > 216.231.57.142.34714: . ack 1 win
17520 (DF) [tos 0x8]
22:03:12.809963 216.231.58.3.21 > 216.231.57.142.1173: P 31:86(55) ack
35 win 17520 (DF) [tos 0x10]
22:03:12.815083 216.231.58.3.21 > 216.231.57.142.1173: P 86:110(24) ack
35 win 17520 (DF) [tos 0x10]
22:03:12.877332 216.231.58.3.20 > 216.231.57.142.34714: FP 1:542(541)
ack 1 win 17520 (DF) [tos 0x8]
22:03:12.877792 216.231.57.142.34714 > 216.231.58.3.20: . ack 543 win
16979 (DF) [tos 0x8]
22:03:12.881031 216.231.57.142.34714 > 216.231.58.3.20: F 1:1(0) ack 543
win 17520 (DF) [tos 0x8]
22:03:12.914317 216.231.57.142.1173 > 216.231.58.3.21: . ack 110 win
17520 (DF) [tos 0x10]
22:03:12.945973 216.231.58.3.20 > 216.231.57.142.34714: . ack 2 win
17520 (DF) [tos 0x8]
More info:
yes I am running ipfw, however, all the deny rules are still at zero
after running this test.
Rudy
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?399CC78B.A99D84F0>