Article delegate-en/4004 of [1-5169] on the server localhost:119
[Reference:<_A4003@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: ftp/tls +PASV +NAT
17 Jun 2008 01:06:34 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


In message <_A4003@delegate-en.ML_> on 06/17/08(05:14:42)
you Darin Perusich <puahqbdyi-xtqvdmyia3jr.ml@ml.delegate.org> wrote:
 |On 06/12/08(04:56) you Darin Perusich <puahqbdyi.ml@delegate.org> wrote
 |in <_A4000@delegate-en.ML_>
 ||First, if possible, you should set up your client to use EPSV instead of
 ||PASV. Unlike PASV, the EPSV response does not include the address of 
 ||the FTP server but only shows the port number, like "229 Extended 
 ||Passive Mode (|||12346|)" instead of "227 Entering Passive Mode 
 ||(11,22,33,44,482,64)." for PASV. Thus the destination address of the 
 ||data connection will be that of the current control connection 
 ||automatically, and you will not be bothered with it.
 |
 |The server I'm connecting to doesn't support EPSV mode so this won't 
 |work. They are running a rather old version of WS_FTP.

The command for data-connection establishment is hop-by-hop, thus the
command with the server is independent of the one with the client.
For example, it can be EPSV with the client and PASV with the server.

  client ---EPSV--- DeleGate ----PASV---- server


 ||You need to specify your external IP address (11.22.33.44) as this:
 ||
 ||  SRCIF="11.22.33.44:*:tcpbound"
 |
 |I tried setting this but it didn't make any difference, the connection 
 |still timed out.

If your DeleGate is within a firewall, it should be set up to pass the
port numbers for PASV assigned by DeleGate.  You can add another SRCIF
to restrict the range of the port numbers (2048-2064 for example) to be
assigned as this:

  SRCIF="*:2048-2064:ftp-data-pasv"
  SRCIF="11.22.33.44:*:tcpbound"

You can confirm it is working as this:

  % telnet delegate port
  pasv
  227 Entering Passive Mode (11,22,33,44,8,0)

The LOGFILE of DeleGate (with -vd option) will record as this:

06/17 10:03:35.99 [22651] 1+0/1: CLIENT-SAYS: pasv^M
06/17 10:03:35.99 [22651] 1+0/1: SRCIF=*:2048-2064 [ftp-data-pasv://127.0.0.1:9999]
06/17 10:03:35.99 [22651] 1+0/1: FTP-control-remote: 127.0.0.1:9999 [27]
06/17 10:03:35.99 [22651] 1+0/1: ##NOT ViaSocks-B## 127.0.0.1:0
06/17 10:03:36.04 [22651] 1+0/1: listen(24,1) OK.
06/17 10:03:36.04 [22651] 1+0/1: SRCIF=11.22.33.44:* [tcpbound://127.0.0.1:50717]
06/17 10:03:36.05 [22651] 1+0/1: FTP-data-local[24]: 11.22.33.44:2048
06/17 10:03:36.05 [22651] 1+0/1: PASV [X][11,22,33,44,8,0] >> 227 Entering Passive Mode (11,22,33,44,8,0).^M

Another solution is to force the client to use the PORT or EPRT command.

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller
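
The following is an added example, not part of the original message or of DeleGate: a small Python check that parses a 227 (PASV) or 229 (EPSV) reply and compares the advertised address and port with the external address and forwarded port range used in the message above. The function names and the sample replies are constructed for illustration.

```python
import ipaddress
import re

PASV_RE = re.compile(r"^227 .*?\((\d{1,3}(?:,\d{1,3}){5})\)")
EPSV_RE = re.compile(r"^229 .*?\((.)\1\1(\d{1,5})\1\)")

def parse_reply(line):
    """Return (host, port) from a 227 reply, or (None, port) from a 229 reply."""
    line = line.strip()
    m = PASV_RE.match(line)
    if m:
        nums = [int(n) for n in m.group(1).split(",")]
        if max(nums) > 255:
            raise ValueError("PASV field above 255: " + line)
        # h1,h2,h3,h4,p1,p2 -> address h1.h2.h3.h4, port p1*256 + p2
        return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]
    m = EPSV_RE.match(line)
    if m:
        port = int(m.group(2))
        if not 0 < port < 65536:
            raise ValueError("EPSV port out of range: " + line)
        return None, port  # EPSV carries no address
    raise ValueError("not a 227/229 reply: " + line)

def check_reply(line, external_ip, port_range):
    """List mismatches between a passive-mode reply and the intended NAT setup."""
    host, port = parse_reply(line)
    findings = []
    if host is not None:
        if ipaddress.ip_address(host).is_private:
            findings.append("advertises non-routable address " + host)
        elif host != external_ip:
            findings.append("advertises %s, expected %s" % (host, external_ip))
    lo, hi = port_range
    if not lo <= port <= hi:
        findings.append("port %d outside forwarded range %d-%d" % (port, lo, hi))
    return findings

if __name__ == "__main__":
    # Constructed sample replies; address and range follow the values used above.
    samples = [
        "227 Entering Passive Mode (11,22,33,44,8,0)",
        "227 Entering Passive Mode (192,168,1,10,195,29)",
        "229 Extended Passive Mode (|||12346|)",
    ]
    for s in samples:
        print(s, "->", check_reply(s, "11.22.33.44", (2048, 2064)) or "OK")
```

An empty result means the reply advertises the expected external address and a port inside the range the firewall forwards; any finding points at the SRCIF or firewall setting to revisit.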
