ipf ipnat ftp

Thread: ipf ipnat ftp

Search this list only Search all lists
ipf ipnat ftp
	2006-04-19 16:48:53
Hi, I am tired of trying to find out why my ftp client behind my gateway is not able to talk to ftp servers. The gw is xen domU, client is in dom0. The "230-" should be the start of a reply to a successful PASSword command, it's too early to even talk about passive or active session ... Sample of a sessin (after the "230-" the connection hangs for a while): $ ftp -a ftp.netbsd.org Trying 2001:4f8:4:7:2e0:81ff:fe21:6563... ftp: connect to address 2001:4f8:4:7:2e0:81ff:fe21:6563: No route to host Trying 204.152.190.13... Connected to ftp.netbsd.org. 220 ftp.NetBSD.org FTP server (NetBSD-ftpd 20050303) ready. 331 Guest login ok, type your name as password. 230- 421 Service not available, remote server timed out. Connection closed ftp: Login failed. ftp> /etc/ipnat.conf: map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 portmap tcp/udp 10000:20000 map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 Thank you for any hint. r.

ipf ipnat ftp
	2006-04-19 19:53:01
Maybe related to kern/25810? r.

ipf ipnat ftp
	2006-04-19 20:19:20
On Wed, Apr 19, 2006 at 06:48:53PM +0200, rudolf wrote: > Hi, > > I am tired of trying to find out why my ftp client behind my gateway is > not able to talk to ftp servers. The gw is xen domU, client is in dom0. > The "230-" should be the start of a reply to a successful PASSword > command, it's too early to even talk about passive or active session ... > > Sample of a sessin (after the "230-" the connection hangs for a while): > $ ftp -a ftp.netbsd.org > Trying 2001:4f8:4:7:2e0:81ff:fe21:6563... > ftp: connect to address 2001:4f8:4:7:2e0:81ff:fe21:6563: No route to host > Trying 204.152.190.13... > Connected to ftp.netbsd.org. > 220 ftp.NetBSD.org FTP server (NetBSD-ftpd 20050303) ready. > 331 Guest login ok, type your name as password. > 230- > > 421 Service not available, remote server timed out. Connection closed > ftp: Login failed. > ftp> > > /etc/ipnat.conf: > map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp > map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 portmap tcp/udp 10000:20000 > map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 > > Thank you for any hint. There is a PR open about this; it's a known problem. But you don't say which version of NetBSD you're running; if it's from the netbsd-3 branch could you try current ? A new ipf has been imported which may fix this. -- Manuel Bouyer <bouyerantioche.eu.org> NetBSD: 26 ans d'experience feront toujours la difference --

ipf ipnat ftp
	2006-04-19 21:09:41
Manuel Bouyer wrote: > On Wed, Apr 19, 2006 at 06:48:53PM +0200, rudolf wrote: >> I am tired of trying to find out why my ftp client behind my gateway is >> not able to talk to ftp servers. The gw is xen domU, client is in dom0. >> The "230-" should be the start of a reply to a successful PASSword >> command, it's too early to even talk about passive or active session ... [...] >> >> Thank you for any hint. > > There is a PR open about this; it's a known problem. > But you don't say which version of NetBSD you're running; if it's from > the netbsd-3 branch could you try current ? A new ipf has been imported which > may fix this. > I've noticed the existence of the PR few moments ago, I'll try the current sources. The failure exposed itself on 3.0_STABLE (cca 1.4.2006). Thanks! r.

ipf ipnat ftp
	2006-05-23 16:35:23
Manuel Bouyer wrote: > On Wed, Apr 19, 2006 at 06:48:53PM +0200, rudolf wrote: >> Hi, [...] >> Sample of a sessin (after the "230-" the connection hangs for a while): >> $ ftp -a ftp.netbsd.org >> Trying 2001:4f8:4:7:2e0:81ff:fe21:6563... >> ftp: connect to address 2001:4f8:4:7:2e0:81ff:fe21:6563: No route to host >> Trying 204.152.190.13... >> Connected to ftp.netbsd.org. >> 220 ftp.NetBSD.org FTP server (NetBSD-ftpd 20050303) ready. >> 331 Guest login ok, type your name as password. >> 230- >> >> 421 Service not available, remote server timed out. Connection closed >> ftp: Login failed. >> ftp> >> >> /etc/ipnat.conf: >> map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp >> map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 portmap tcp/udp 10000:20000 >> map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 >> >> Thank you for any hint. > > There is a PR open about this; it's a known problem. > But you don't say which version of NetBSD you're running; if it's from > the netbsd-3 branch could you try current ? A new ipf has been imported which > may fix this. > Hi, I tried it with gw installed from ftp://ftp.netbsd.org/pub/NetBSD-daily/HEAD/200605220000Z/ binaries and the problem is still present. Regards, r.

[1-5]

about | contact Other archives ( Real Estate discussion Medical topics )