Article delegate-en/1859 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: ftp no data received
30 Aug 2002 11:30:03 GMT "Brunet, Christophe" <piadqbdyi-f4q452suwj3r.ml@ml.delegate.org>


Hello
	Thanks for your reply but i have on think bothering me.
	The case not working sample is an aix ftp client that by default run
Active FTP but is capable of doing passive.
	What i see in doing traces is that is seems to be the Delegate
server that Force "Translate to PASV", 
	but then the firewall rejects this as it was not a client request ? 

Best Regards
 Christophe BRUNET/AT&T GLOBAL NETWORK
piadqbdyi-f4q452suwj3r.ml@ml.delegate.org
Tel 30 0 00 00 00 0X/ Fax  33 1 43 03 69 43
"This message and any attachments to it contain confidential business
information intended solely for the recipients. If you have received this
email in error please do not forward or distribute it to anyone else, but
telephone to report the error, and then delete this message from your
system."




-----Original Message-----
From: feedback@delegate.org [mailto:feedback@delegate.org]
Sent: vendredi 30 août 2002 11:20
To: feedback@delegate.org
Cc: Brunet, Christophe
Subject: Re: [DeleGate-En] ftp no data received


Hi,

In message
<_A1856@delegate-en.ML_>
on 08/30/02(17:32:52) you "Brunet, Christophe" <piadqbdyi-f4q452suwj3r.ml@ml.delegate.org> wrote:
 |	we have problem with the ftp proxy configured like this : 
 |/usr/local/bin/delegated -Pproxy:21 SERVER="ftp://ftp-internal:21/"
 |PERMIT="*:ftp-internal:*" LOGFILE=/logs/delegate/delegateftp.log
 |	The proxy is on a dmz behind a Checkpoint Firewall, the checkpoint
 |ftp fix is installed on.
..
 |        It seems that when we get translated to PASV it fails. Whe have
 |tryed to use the FTPCONF=nopasv or noxdc same problem.

It seems not so.  The problem occurs when the DeleGate try to make
TCP connection to the client, to the port requested with PORT command.

 |This is with an ftp client that performed a dir on the ftp (a netscape
 |browser behind a squid proxy using internet)
.. 
 |08/29 18:17:50.83 [6512] 2+0/5: -- with PASV
 |08/29 18:17:50.83 [6512] 2+0/5: PASV [proxy,132,69] >> 227 Entering
Passive
 |Mode (proxy,132,69) Dele
 |Gate[B].^M
 |08/29 18:17:51.02 [6512] 2+0/10: FTP-CACHE: LIST [] = [][]:0
 |08/29 18:17:52.03 [6512] 2+0/10: FTP data-relay([17]10000b -> [18]10000b)
 |7233b / 1/ 0.00s (read-EOF)

This client succeeded the data connection requesting it with PASV.
The connection is established from client to DeleGate in this case.

 |This is a ftp user that connected but didn't receive any data (direct to
 |proxy ) connexion ftp client.
..
 |08/29 18:19:52.99 [6513] 3+0/5: -- with PASV
 |08/29 18:19:52.99 [6513] 3+0/5: PORT [141,94,62,149,147,18] >> 200 PORT
 |command successful [translated to PASV].^M
 |08/29 18:19:53.02 [6513] 3+0/6: FTP-CACHE: LIST [] = [][]:0
 |08/29 18:19:53.02 [6513] 3+0/6: ## ftp-conndata: NOT bound#1 err=13
 |08/29 18:20:23.02 [6513] 3+0/6: *** CON_TIMEOUT: 30.00/30s ->
 |141.94.62.149:37650
 |08/29 18:20:23.02 [6513] 3+0/6: ftp_conndata: connection refused
 |proxy:33864->141.94.62.149/141.94.62.149:37650, errno=110

This DeleGate succeeded to connect to the server too, but failed to
connect to the client which requested data-connection with PORT
command, expecting it to be established from the DeleGate to the
client (141.94.62.149).

Cheers,
Yutaka
--
  @ @ Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
 ( - ) National Institute of Advanced Industrial Science and Technology
(AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V