Article delegate-en/5067 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A5057@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: delegate ftp proxy srcip
31 May 2014 10:58:52 GMT Yutaka Sato DG <ysato@delegate.org>


Andreas,

Although it is not clear why you need to specify SRCIF, I tested it in
a typical situation, binding the source interface of PASV connection to the
destination server.  It seems working, as follows:

-- DeleGate --

delegated -P9996 -fv SERVER=ftp://ftp.openssl.org SRCIF=10.24.192.4

-- client --

$ ftp localhost 9996
Connected to localhost.
220-extended FTP [MODE XDC][XDC/BASE64][PIPELINE] (1) localhost
220- (vsFTPd 2.3.5)
220
Name (localhost:y.sato): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful [translated to PASV by DeleGate].
150 Here comes the directory listing.
drwxr-xr-x    2 29000    29000        4096 Dec 20  2012 lists
drwxr-xr-x    2 29000    29000        4096 May 31 06:15 snapshot
drwxr-xr-x    2 29000    29000       24576 Apr 07 19:21 source
226 Directory send OK.
ftp> 221 Goodbye.

-- LOGFILE --
05/31 19:48:03.53 [29160] 1+0: -- Fork(OnetimeServer): 29157 -> 29160
05/31 19:48:03.53 [29160] 1+0: (0) accepted [37]
-@[127.0.0.1]localhost:55446 (0.007s)(1)
05/31 19:48:03.53 [29160] 1+0: PATH: ftp://ftp.openssl.org:21
!localhost:9996!localhost:55446!anonymous@localhost;1401533283
05/31 19:48:03.54 [29160] 1+0: FTP server ftp://ftp.openssl.org:21/
05/31 19:48:03.54 [29160] 1+0: FTPHOPS: 1 [37/37 - -1/-1]
05/31 19:48:08.86 [29160] 1+0: ConnectToServer: DFLT=
ftp://ftp.openssl.org:21 REAL=://:0
05/31 19:48:08.86 [29160] 1+0: [11] source port = 10.24.192.4:- =
10.24.192.4:33185

(source interface for the server is specified to be bound)

05/31 19:48:09.18 [29160] 1+0: ConnectToServer connected [11] {
185.9.166.106:21 <- 10.24.192.4:33185} [0.323s]
05/31 19:48:09.18 [29160] 1+0: willSTLS_SV[ftp]: ServerFlags=0 E0ADD590
05/31 19:48:09.51 [29160] 1+0: --WARN FTP_STARTTLS_withSV no REAL_PROTO
(ftp)
05/31 19:48:09.51 [29160] 1+0: willSTLS_SV[ftp]: ServerFlags=0 E0ADD590
05/31 19:48:17.77 [29160] 1+0/3/2: LoginPWD: "/"
05/31 19:48:20.09 [29160] 1+0/4/4: SRCIF=10.24.192.4:* [ftp-data-pasv-src://
185.9.166.106:21]

(the source interface of PASV to the server is specified to be bound)

05/31 19:48:20.42 [29160] 1+0/4/4: ftp_conndata: connected 10.24.192.4:33184
->openssl.net/185.9.166.106:48633 [19](0.3)
05/31 19:48:20.42 [29160] 1+0/4/4: -- with PASV
05/31 19:48:20.42 [29160] 1+0/4/4: PORT [127,0,0,1,194,193] >> 200 PORT
command successful [translated to PASV by DeleGate].^M
05/31 19:48:20.74 [29160] 1+0/5/5: SRCIF=10.24.192.4:* [ftp-data-port-src://
127.0.0.1:55446]
05/31 19:48:20.74 [29160] 1+0/5/5: ftp_conndata: connected 10.24.192.4:9995
->localhost/127.0.0.1:49857 [20](0.0)
05/31 19:48:20.74 [29160] 1+0/5/5: DATA 185.9.166.106:48633 ->
10.24.192.4:33184 .. 10.24.192.4:9995 -> 127.0.0.1:49857
05/31 19:48:20.75 [29160] 1+0/5/5: FTP data-relay([19]15554b -> [20]2a558b)
193b / 1/ (5) 0.01s (read-EOF)

Yutaka

2014-04-27 23:54 GMT+09:00 <feedback@ml.delegate.org>:

> Hello
>
>
>
>
> *Yutaka,thanks for the great proxy delegate. I use delegate as a ftp proxy
> an I try to bind the src interface to a IP.If I do that, ftp-cli is working
> but no ftp-data.I tried with *
>
> SRCIF="1.2.3.4:*:*:*:*
>
> but no success.
>
> Is it possibe to bind a ftp proxy to a source ip?
>
> Thanks and Regards
> Andreas
>
> --
> --
> Mit freundlichen Grテシテ歹n
> Best regards
>
> Andreas Mテシrdter
> IT Systemmanager
>
> TBits.net GmbH, Seeweg 6, 73553 Alfdorf, Germany
> phone: +49 (0)7000 00000-0F, fax: +49 (0)7000 00000-0F
> Geschテ、ftsfテシhrer: Thomas Bテカrnert, Amtsgericht Stuttgart HRB 281836
> USt.-IdNr. DE 000 000 00X
>
>


  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V