diff options
author | Ruslan Ermilov <ru@FreeBSD.org> | 2001-09-21 14:38:36 +0000 |
---|---|---|
committer | Ruslan Ermilov <ru@FreeBSD.org> | 2001-09-21 14:38:36 +0000 |
commit | c1dd00f75c909e5d2a68852c310d449f2ca6f702 (patch) | |
tree | 2c8c515452b6abe9c7e4e3eeca3b6162fa919d12 /lib/libalias | |
parent | e284cfe41ecd3cdbca71365d635a5d3cb432c481 (diff) | |
download | src-c1dd00f75c909e5d2a68852c310d449f2ca6f702.tar.gz src-c1dd00f75c909e5d2a68852c310d449f2ca6f702.zip |
Fixed the bug that prevented communication with FTP servers behind
NAT in extended passive mode if the server's public IP address was
different from the main NAT address. This caused a wrong aliasing
link to be created that did not route the incoming packets back to
the original IP address of the server.
natd -v -n pub0 -redirect_address localFTP publicFTP
Note that even if localFTP == publicFTP, one still needs to supply
the -redirect_address directive. It is needed as a helper because
extended passive mode's 229 reply does not contain the IP address.
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=83771
Diffstat (limited to 'lib/libalias')
-rw-r--r-- | lib/libalias/alias_ftp.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/libalias/alias_ftp.c b/lib/libalias/alias_ftp.c index 7dee3f8bc62c..7e51e73d2f3c 100644 --- a/lib/libalias/alias_ftp.c +++ b/lib/libalias/alias_ftp.c @@ -145,8 +145,10 @@ int maxpacketsize /* The maximum size this packet can grow to (including header */ if (ParseFtp227Reply(sptr, dlen)) ftp_message_type = FTP_227_REPLY; - else if (ParseFtp229Reply(sptr, dlen)) + else if (ParseFtp229Reply(sptr, dlen)) { ftp_message_type = FTP_229_REPLY; + true_addr.s_addr = pip->ip_src.s_addr; + } } if (ftp_message_type != FTP_UNKNOWN_MESSAGE) @@ -464,8 +466,7 @@ NewFtpMessage(struct ip *pip, struct alias_link *ftp_link; /* Security checks. */ - if (ftp_message_type != FTP_229_REPLY && - pip->ip_src.s_addr != true_addr.s_addr) + if (pip->ip_src.s_addr != true_addr.s_addr) return; if (true_port < IPPORT_RESERVED) |