Date: Thu, 28 May 2009 17:40:14 -0300 From: Alexandre Biancalana <biancalana@gmail.com> To: Scott Ullrich <sullrich@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: Multiple ftp servers behind pf with carp multi-ip Message-ID: <8e10486b0905281340i588eea3cj16fc6dd745c3e2ff@mail.gmail.com> In-Reply-To: <d5992baf0905281323n43d15c24i897332d29374e020@mail.gmail.com> References: <8e10486b0905271442j224b37f5nceccaba929a08f8a@mail.gmail.com> <d5992baf0905271512n7a66ad26n91c1a645fd526d3c@mail.gmail.com> <8e10486b0905281125l662e1f98r5b5a68e172d56684@mail.gmail.com> <d5992baf0905281137j38b54733q40c753fb712a69a7@mail.gmail.com> <8e10486b0905281317h40250894rb98d19f063cd8a1c@mail.gmail.com> <d5992baf0905281323n43d15c24i897332d29374e020@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 28, 2009 at 5:23 PM, Scott Ullrich <sullrich@gmail.com> wrote: > On Thu, May 28, 2009 at 4:17 PM, Alexandre Biancalana > <biancalana@gmail.com> wrote: >> The patch does not apply clearly, I merge they by hand (the final diff >> is attached) and compiled Ok. I will give a try and let you know. >> >> I'm curious about the two new command line options -i and -2, what's >> the exacly purpose of this options ? > > That might be a little bit outdated. =A0The most up to date port is > here: http://redmine.pfsense.org/repositories/browse/pfsense-tools/pfPort= s/pftpx-routeto > > I quickly glanced at the source and did not see the -i argument but > the -2 argument should be the routeto IP address: > > =A0 =A0 =A0 =A0if (routeto) { > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0memset(&hints, 0, sizeof hints); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0hints.ai_flags =3D AI_NUMERICHOST; > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0hints.ai_family =3D ipv6_mode ? AF_INET6 := AF_INET; > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0hints.ai_socktype =3D SOCK_STREAM; > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0error =3D getaddrinfo(routeto, NULL, &hint= s, &res); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if (error) > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0errx(1, "getaddrinfo route= -to address failed: %s", > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0gai_strerror(error= )); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0memcpy(&routeto_ss, res->ai_addr, res->ai_= addrlen); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0logmsg(LOG_INFO, "using route-to (%s %s)",= routeto_if, > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0sock_ntop(sstosa(&routeto_ss))); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0freeaddrinfo(res); > =A0 =A0 =A0 =A0} Does not work :-( The client side the error happen in a intermittent manner: Pink:/usr/home/ale $ ftp xxx.xxx.11.130 Connected to xxx.xxx.11.130. 220-Microsoft FTP Service 220 FTP SERVER Name (xxx.xxx.11.130:ale): user 421 Service not available, remote server has closed connection. ftp: Login failed. ftp> quit Pink:/usr/home/ale $ ftp xxx.xxx.11.130 Connected to xxx.xxx.11.130. 421 Service not available, remote server has closed connection. ftp> quit Pink:/usr/home/ale $ ftp xxx.xxx.11.130 Connected to xxx.xxx.11.130. 220-Microsoft FTP Service 220 FTP SERVER Name (xxx.xxx.11.130:ale): user 331 Password required for user. Password: 421 Service not available, remote server has closed connection. ftp: Login failed. ftp> the server side looks like this: FW1:/usr/ports/ftp/pftpx # pftpx -D7 -d -c 8023 -f 192.168.0.80 -p 192.168.0.253 using 192.168.0.253 to connect to servers using route-to (lo0 127.0.0.1) using fixed server 192.168.0.80 listening on 127.0.0.1 port 8023 #1 accepted connection from xxx.xxx.153.79 #1 FTP session 1/100 started: client xxx.xxx.153.79 to server 192.168.0.80 via proxy 192.168.0.253 #1 server: 220-Microsoft FTP Service\r\n #1 server: 220 FTP SERVER\r\n #2 accepted connection from xxx.xxx.153.79 #2 FTP session 2/100 started: client xxx.xxx.153.79 to server 192.168.0.80 via proxy 192.168.0.253 #2 server: 220-Microsoft FTP Service\r\n #1 server: 220 FTP SERVER\r\n #2 client: USER user\r\n #2 server: 331 Password required for user.\r\n #2 client reset connection #2 ending session Any other idea ? Alexandre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8e10486b0905281340i588eea3cj16fc6dd745c3e2ff>