Article delegate-en/1739 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] Problem for FTP proxy and data connection
05 Jul 2002 09:23:49 GMT pzmdabdyi-qjyh54lsbnxr.ml@ml.delegate.org


Hi,

I'm trying to setup a couple of ftp proxy with delegate.

I've compiled it on two linux box (a RedHat 7.2 and an old Debian 2.0).
I'm having trouble making it work with data connection, because I've to
connect to my corporate firewall without adding any new rule.

I've tried the following configuration:

delegated -P21 SERVER=ftp +=/etc/delegate/ftp.config

where
----- ftp.config -----
ADMIN='anonymous@mydomain'
OWNER='daemon'
DGROOT='/var/spool/delegate-root'
LOGDIR='/var/log'
RELIABLE=+=/etc/delegate/ftppermit
LOGFILE=delegate
PROTOLOG=deleftp
SRCIF="*:20:ftp-data-port"
SRCIF="*:20:ftp-data"
SRCIF="*:20:ftp-data-pasv"
SRCIF="*:20:ftp-data-src"
CACHE=no
FTPCONF=nopasv
--------------------
and where ftppermit contains a list of clients IP allowed to use this proxy.

Trying to connect to any Ftp server I obtain the following log
[CUT]
07/05 11:02:16.34 [7054] 1+0: FTP server ftp://ftp.microsoft.com:21/
07/05 11:02:16.34 [7054] 1+0: FTPHOPS: 1 [9/44 - -1/-1]
07/05 11:02:16.34 [7054] 1+0: ConnectToServer: DFLT=ftp://ftp.microsoft..com:21
REAL=://:0
07/05 11:02:16.52 [7054] 1+0: ConnectToServer connected [15] {207.46.133.140:21
<- a.b.c.d:50508} [0.177s]
07/05 11:02:21.68 [7054] 1+0/2: LoginPWD: "/"
07/05 11:02:21.86 [7054] 1+0/2: SRCIF=*:20 [ftp-data-src://207.46.133.140:21]
07/05 11:02:21.86 [7054] 1+0/2: bind_inet(16,a.b.c.d:20) failed: ERRNO=13
(you are not permitted user)
07/05 11:02:21.86 [7054] 1+0/2: ## ftp-conndata: NOT bound#1 err=98
07/05 11:02:25.03 [7054] 1+0/2: ftp_conndata: connected a.b.c.d:50528->ftp.microsoft.com/207.46.133.140:2794
[16]
07/05 11:02:25.03 [7054] 1+0/2: -- with PASV
07/05 11:02:25.03 [7054] 1+0/2: PORT [x,y,z,w,5,110] >> 200 PORT command
successful [translated to PASV by DeleGate].^M
07/05 11:02:25.21 [7054] 1+0/3: SRCIF=*:20 [ftp-data-src://x.y.z.w:1389]
07/05 11:02:25.21 [7054] 1+0/3: bind_inet(17,a.b.c.d:20) failed: ERRNO=13
(you are not permitted user)
07/05 11:02:25.21 [7054] 1+0/3: ## ftp-conndata: NOT bound#1 err=13
07/05 11:02:25.21 [7054] 1+0/3: ftp_conndata: connected a.b.c.d:50529->myclinet.mydomain/x.y.z.w:1390
[17]
[CUT]
(where a.b.c.d is the IP address of delegate server amd x.y.z.w is my client
IP address)

I've been able to force delegate to open DATA connection on port 20 towards
the external server, but not for data connection toward my client.
(adding those line for SRCIF)

Does it has something to do with the three lines at the bottom of the log
?
I've also tried many combination for owner (dameon, root, delegate, nobody
and so on)

Thanks
Riccardo

__________________________________________________________________
TuttoTISCALI e' il tuo nuovo contratto di telefonia!
Chiami in tutta Italia, giorno e notte, al prezzo di un'urbana
Ti colleghi ad Internet e spendi meno di un'urbana
http://point.tiscali.it/tuttotiscali/webmail.html





  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V