Article delegate-en/1856 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] ftp no data received
30 Aug 2002 08:33:20 GMT "Brunet, Christophe" <piadqbdyi-bfkmicecio3r.ml@ml.delegate.org>


Hello,


	we have problem with the ftp proxy configured like this : 
/usr/local/bin/delegated -Pproxy:21 SERVER="ftp://ftp-internal:21/"
PERMIT="*:ftp-internal:*" LOGFILE=/logs/delegate/delegateftp.log
	The proxy is on a dmz behind a Checkpoint Firewall, the checkpoint
ftp fix is installed on.

	The problem is that some user can't do a ls, dir or get. They
connect but never get a data connexion
	The difference is the log is that when it works we get
	08/29 18:17:50.76 [6512] 2+0/3: LoginPWD: "/"
	08/29 18:17:50.76 [6512] 2+0/3: set REST 0

	When it doesn't work we get 
	08/29 18:19:52.99 [6513] 3+0/5: LoginPWD: "/"
	08/29 18:19:52.99 [6513] 3+0/5: ftp_conndata: connected
proxy:33861->ftp-internal/ftp-internal:39870 [13]
	08/29 18:19:52.99 [6513] 3+0/5: -- with PASV
	08/29 18:19:52.99 [6513] 3+0/5: PORT [141,94,62,149,147,18] >> 200
PORT command successful [translated to PASV].^M

	It seems that when we get translated to PASV it fails. Whe have
tryed to use the FTPCONF=nopasv or noxdc same problem.
	Is there a way to avoid the translated to PASV.


This is with an ftp client that performed a dir on the ftp (a netscape
browser behind a squid proxy using internet)

08/29 18:17:50.60 [6512] 2+0: -- Fork(OnetimeServer): 6509 -> 6512
08/29 18:17:50.60 [6512] 2+0: (0) accepted [30]
-@[194.196.209.254]merlin.axone.fr:43963 (0.005s)(1)
08/29 18:17:50.60 [6512] 2+0: PATH:
ftp://ftp-internal:21!proxy:21!merlin.axone.fr:43963!anonymous@merlin.ax
one.fr;1030637870
08/29 18:17:50.62 [6512] 2+0: FTP server ftp://ftp-internal:21/
08/29 18:17:50.62 [6512] 2+0: FTPHOPS: 1 [30/30 - -1/-1]
08/29 18:17:50.62 [6512] 2+0: ConnectToServer: DFLT=ftp://ftp-internal:21
REAL=://:0
08/29 18:17:50.62 [6512] 2+0: ConnectToServer connected [9] {ftp-internal:21
<- proxy:33860} [0.002s]
08/29 18:17:50.76 [6512] 2+0/3: LoginPWD: "/"
08/29 18:17:50.76 [6512] 2+0/3: set REST 0
08/29 18:17:50.83 [6512] 2+0/5: FTP-control-remote: proxy:21
08/29 18:17:50.83 [6512] 2+0/5: bind_inet(13,proxy:20) failed: ERRNO=13 (you
are not permitted user)
08/29 18:17:50.83 [6512] 2+0/5: FTP-data-local[13]: proxy:33861
08/29 18:17:50.83 [6512] 2+0/5: ftp_conndata: connected
proxy:33859->ftp-internal/ftp-internal:39856 [17]
08/29 18:17:50.83 [6512] 2+0/5: -- with PASV
08/29 18:17:50.83 [6512] 2+0/5: PASV [proxy,132,69] >> 227 Entering Passive
Mode (proxy,132,69) Dele
Gate[B].^M
08/29 18:17:51.02 [6512] 2+0/10: FTP-CACHE: LIST [] = [][]:0
08/29 18:17:52.03 [6512] 2+0/10: FTP data-relay([17]10000b -> [18]10000b)
7233b / 1/ 0.00s (read-EOF)


This is a ftp user that connected but didn't receive any data (direct to
proxy ) connexion ftp client.

08/29 18:19:27.02 [6513] 3+0: -- Fork(OnetimeServer): 6509 -> 6513
08/29 18:19:27.03 [6513] 3+0: (2) accepted [46]
-@[141.94.62.149]141.94.62.149:37649 (0.003s)(1)
08/29 18:19:27.03 [6513] 3+0: PATH:
ftp://ftp-internal:21!proxy:21!141.94.62.149:37649!anonymous@141.94.62.1
49;1030637967
08/29 18:19:27.05 [6513] 3+0: FTP server ftp://ftp-internal:21/
08/29 18:19:27.05 [6513] 3+0: FTPHOPS: 1 [46/46 - -1/-1]
08/29 18:19:27.05 [6513] 3+0: ConnectToServer: DFLT=ftp://ftp-internal:21
REAL=://:0
08/29 18:19:27.05 [6513] 3+0: ConnectToServer connected [7] {ftp-internal:21
<- proxy:33862} [0.001s]
08/29 18:19:36.42 [6513] 3+0/2: bind_insock(13,proxy,0) = 0, errno=0
08/29 18:19:46.43 [6513] 3+0/2: ## connect[13] TIMEOUT(10000)
08/29 18:19:46.43 [6513] 3+0/2: ### IDENT CONNECT(141.94.62.149:113)
TIMEOUT(10000ms) (110)
08/29 18:19:46.43 [6513] 3+0/2: ## FTP_delayReject.0 PASS [firewall][]
08/29 18:19:46.43 [6513] 3+0/2: ####LS cannot open
/var/spool/delegate-nobody/act/delay/17/141.94.62.149:141.94.62.149

08/29 18:19:46.43 [6513] 3+0/2: doDelay: clear old errors:
count=3,age=172,delay=30
08/29 18:19:52.99 [6513] 3+0/5: LoginPWD: "/"
08/29 18:19:52.99 [6513] 3+0/5: ftp_conndata: connected
proxy:33861->ftp-internal/ftp-internal:39870 [13]
08/29 18:19:52.99 [6513] 3+0/5: -- with PASV
08/29 18:19:52.99 [6513] 3+0/5: PORT [141,94,62,149,147,18] >> 200 PORT
command successful [translated to PASV].^M
08/29 18:19:53.02 [6513] 3+0/6: FTP-CACHE: LIST [] = [][]:0
08/29 18:19:53.02 [6513] 3+0/6: ## ftp-conndata: NOT bound#1 err=13
08/29 18:20:23.02 [6513] 3+0/6: *** CON_TIMEOUT: 30.00/30s ->
141.94.62.149:37650
08/29 18:20:23.02 [6513] 3+0/6: ftp_conndata: connection refused
proxy:33864->141.94.62.149/141.94.62.149:376
50, errno=110
08/29 18:20:23.05 [6513] 3+0/6: disconnected [46]
-@[141.94.62.149]141.94.62.149:37649 (56.023s)(0)




Best Regards
 Christophe BRUNET/AT&T GLOBAL NETWORK
piadqbdyi-bfkmicecio3r.ml@ml.delegate.org
Tel 30 0 00 00 00 0X/ Fax  33 1 43 03 69 43
"This message and any attachments to it contain confidential business
information intended solely for the recipients. If you have received this
email in error please do not forward or distribute it to anyone else, but
telephone to report the error, and then delete this message from your
system."




  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V