[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    HylaFAX + FTP Proxy Problem
From:       Jim Pingle <lists () pingle ! org>
Date:       2007-03-02 1:51:57
Message-ID: 45E7833D.3020000 () pingle ! org
[Download RAW message or body]

I recently moved a HylaFAX server behind a firewall, so PASV mode no longer
works with HylaFAX clients. At work, our LAN is behind a PIX separate from
where the server now resides, I configured to PIX to fixup port 4559 as ftp,
and it works like a champ with a FAX client configured for active mode.

At home, however, my server/router is running IPFilter and I am having
trouble getting the FTP proxy to work properly with any HylaFAX client I
have tried. It is not translating the IP address in the PORT command.

When used with a normal FTP server on port 21, the proxy works as expected.
When I use an FTP client such as FileZilla aimed at port 4559 on the HylaFAX
server, it works. I'm sure the FAX clients are to blame. If there were a
problem with the proxy, the FTP client would fail as well.

The problem that I can see with some of the HylaFAX clients I've tried
(jhylafax, yajhfc) is that they issue the commands in lowercase. i.e. "port
192,168,0,4,14,164" instead of "PORT 192,168,0,4,14,164". Although in the
case of WHFC it issues the PORT command in upper-case and it was still not
translated.

When connecting with a client that issues the commands in all lower case,
the proxy doesn't appear to trigger at all. No proxy output is shown in the
output of ipnat -l.

With WHFC, I see the proxy listing in ipnat -l as follows:
MAP 192.168.0.4     4955  <- -> xxx.yyy.59.4    4955  [aaa.bbb.145.29 4559]
        proxy ftp/6 use -13 flags 0
                proto 6 flags 0 bytes 384 pkts 6 data YES size 312
        FTP Proxy:
                passok: 1
        Client:
                seq 5ba50712 (ack 0) len 0 junk 0 cmds 0
                buf [\000]
        Server:
                seq 57e15003 (ack 57e15003) len 64 junk 0 cmds 220
                buf [220 thor.example.com server (HylaFAX (tm) Version
4.3.0) ready.\015\012\000]

A log of the WHFC connection using tcpflow shows this:
  220 thor.example.com server (HylaFAX (tm) Version 4.3.0) ready.
  USER jim
  331 Password required for jim.
  PASS **********
  230 User jim logged in.
  230 User jim logged in.
  TZONE LOCAL
  200 Using time values in EST.
  TYPE I
  200 Type set to Image.
  MODE S
  200 Mode set to Stream.
  PORT 192,168,0,4,38,12
  200 PORT command successful.
  LIST status

There was a post a little over two years ago where someone referenced using
the FTP proxy for HylaFAX:
http://marc.theaimsgroup.com/?l=ipfilter&m=110022091431670&w=2
There was no mention of what client was used, however.

What it boils down to is this:
Can support for clients broken in this way be added or improved upon? I can
understand if that's a "no" -- but I figured I would ask.
-or-
Can anyone recommend a (free/open) HylaFAX client that works from behind
IPFilter?

Any input on the subject would be appreciated.

I'm using FreeBSD 6.2-STABLE from Jan 19, 2007. IPFilter is loaded via a
kernel module.

Output of ipf -V:
ipf: IP Filter: v4.1.13 (416)
Kernel: IP Filter: v4.1.13
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0
Feature mask: 0x10f

Jim
[prev in list] [next in list] [prev in thread] [next in thread]