Subject: Re: kern/7368: ipnat not rewriting PORT command 100% of time
To: Greg A. Woods <firstname.lastname@example.org>
From: Andrew Brown <email@example.com>
Date: 04/15/1999 02:58:56
>> would this be included in a sup (in the last day or so) of 1.4_alpha?
>> if so, i'll check again to see if it works more betterly.
>No, I don't think so. I've not yet heard a release date even mentioned
>for IP-Filter 3.2.11, and even if it were this week I doubt it would be
>rolled into NetBSD-1.4 at this point (unless it fixed a very serious bug
>of some sort). You'd have to re-integrate it yourself....
ah. ok. i'll have to see if i can get that to work.
>> well...that's encouraging. no...it doesn't panic. only "fracture"
>> (not break) ftp. ncftp works, as does passive.
>That sounds like a tough one to debug....
after i looked at the packets, it was easy to see the problem.
and after looking at ip_ftp_pxy.c line 144+8, it looks like i just
wanna remove that chunk (or something). it'll probably fix my
problem. and i think that ftp clients that don't send the crlf are
dumb (it *is* linux, after all), but clients that will actually "lose"
after a "fix" like this actually *deserve* to lose. it means that
they're sending the bytes of the port command piece meal.
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org * "ah! i see you have the internet
email@example.com (Andrew Brown) that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."