[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: ftp and NAT (solved?)
From:       Jefferson Ogata <ogata () pmpro ! com>
Date:       1997-09-23 3:50:55
[Download RAW message or body]

Samuli Kaski wrote:
> 
> On Tue, 9 Sep 1997, Samuli Kaski wrote:
> 
> ..
> 
> > Now if I connect to HostC so that my Linux returns the fake IP as it's
> > address, it won't work, which I understand. But if I make my Linux
> > return the real NIC IP that will be translated to the fake IP on HostB
> > it still doesn't work. Yet on the same time FTP'ing from HostC to
> > HostA (with the real NIC IP) does. Please do explain?
> 
> My misstake, sorry. After tracing ncftp I noticed that bind()
> fills struct sockaddr *my_addr with the fake IP always, regardless
> of the /etc/hosts file. My limited acknowledgement of the TCP/IP
> implementation is to blame here.
> 
> > Hmm, maybe it's just me but I never got ncftp to work with passive
> > FTP. So I use incoming FTP (bimap), scp, netscape or wget instead.
> > Maybe someone who knows how to get it to work could send an capture of
> > an succesful ncftp(PASV) session to the mailing list? I assume there
> > would be interest for such a mail.
> 
> Well it seems that ncftp works, it just has some difficulties in
> probing for Passive-FTP supported servers. I have had FTP-mode = 1
> (Passive-FTP only) since day one but I haven't been able to use ncftp
> as my FTP client. After doing the change below, all the sites I have
> tried out have worked.
> 
> I'm too lazy to dig in further as It works for me :)
> 
> Biggest kludge of the year:
> 
> --clip--
> 
> ncftp-2.4.2/FTP.c, line ~780:
> 
>         if (dataSocket < 0) {
>                 Error(kDoPerror, "Could not get a data socket.\n");
>                 return (-1);
>         }
> 
> +        /* Force these as it seems that the Passive-FTP detection
> +                code doesn't work allways... */
> +
> +        gHasPASV = 1;
> +        mode = kPassiveMode;
> +
>         if ((gHasPASV == 0) || (mode == kSendPortMode)) {
> tryPort:
> 
> --clap--
> 
> --
> Samuli Kaski, samkaski@cs.helsinki.fi
> Department of Computer Science, University of Helsinki, Finland.

I've CCed this note to Mike Gleason, the author of ncftp. (Thanks for
the very useful program, Mike!)

The problem with ncftp: ncftp keeps a line in the bookmarks file for
every host you connect to, containing your last login info, last
working directory etc. One of the fields in this line is a value for
whether the site supports passive ftp. The problem is in Bookmark.c,
in SetBookmarkDefaults(). When you open an FTP connection to a site
you've never connected to before, this function sets the value for
passive mode support based on your current FTP mode. So if the first
time you connect to a given site you happen to be using normal
SENDPORT ftp mode, ncftp assumes the remote site doesn't support
passive FTP at all. This is incorrect, and unnecessary, since there
are already controls in the data connection code to switch based on
your current FTP mode. To demonstrate that this is the problem,
delete the line for a host from your bookmarks file
(~/.ncftp/bookmarks), then start ncftp with no options, make sure
you're in passive mode, and login to the host again. Since passive-
mode is switched on now, ncftp won't assume the remote doesn't
support it, and you should be able to use passive-mode with this
particular host forever after.

I'm using ncftp-2.3.0, and I've fixed this problem by changing
SetBookmarkDefaults() to set the bookmark->hasPASV to 1 always:

Bookmark.c:282:
	bmp->port = kPortUnset;
	bmp->hasSIZE = 1;
	bmp->hasMDTM = 1;
#if	0
	if (gPreferredDataPortMode >= kPassiveMode) {
		/* Assume we have it until proven otherwise. */
		bmp->hasPASV = 1;
	} else {
		/* If default is PORT, then make the user explicitly set this. */
		bmp->hasPASV = 0;
	}
#else
	/* assume remote site has it, we just won't use it */
	bmp->hasPASV = 1;
#endif
	bmp->isUnix = 1;
	bmp->lastCall = (time_t) 0;
}	/* SetBookmarkDefaults */

-- 
Jefferson Ogata             pmpro, inc           ogata@pmpro.com
   Q: How many engineers does it take to change a light bulb?
   A: One.

[prev in list] [next in list] [prev in thread] [next in thread]