[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] problems with proxy-proxy communication

To: suse-security@xxxxxxxx
Subject: [suse-security] problems with proxy-proxy communication
From: Ralf Ronneburger <ralf@xxxxxxxxxxxxxx>
Date: Fri, 12 Dec 2003 17:35:58 +0100
Delivered-to: mailing list suse-security@xxxxxxxx
Delivery-date: Fri, 12 Dec 2003 17:36:44 +0100
Envelope-to: suse@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
List-help: <mailto:suse-security-help@suse.com>
List-post: <mailto:suse-security@suse.com>
List-subscribe: <mailto:suse-security-subscribe@suse.com>
List-unsubscribe: <mailto:suse-security-unsubscribe-suse=archive.cert.uni-stuttgart.de@suse.com>
Mailing-list: contact suse-security-help@xxxxxxxx; run by ezmlm
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624

Hi everyone,

I have a problem with SuSE Proxy Suite (in front of an ftp-server) when
communication with client behind another proxy server (a delegate
8.5.5). Communication with other clients works without any problems,
active or passive, the SuSE Proxy is configured for active and passive ftp.

My network looks like this:

external interface
proxy (SuSE Linux 8.1, SuSE Proxy Suite)
internal interface (10.0.0.254)
|
|
ftp-server (10.0.0.200)

When connecting from a client behind the delegate-proxy the logfile
looks like this (where 172.16.0.1 is the IP of the delegate-proxy,
10.0.0.254 is the internal IP of the SuSE Proxy):

ftp-child [19569] <11/26-12:43:14> USER-INF connect from 172.16.0.1
ftp-child [19569] <11/26-12:43:14> USER-INF 'USER USERNAME' from 172.16.0.1
ftp-child [19569] <11/26-12:43:14> USER-INF reading data for 'USERNAME'
from cfg-file
ftp-child [19569] <11/26-12:43:14> TECH-DBG from Server-PI (3): '220
SERVERNAME.'
ftp-child [19569] <11/26-12:43:14> TECH-DBG from Server-PI (3): '331
Password required for USERNAME.'
ftp-child [19569] <11/26-12:43:14> USER-INF 'PASS XXXX' from 172.16.0.1
ftp-child [19569] <11/26-12:43:14> USER-INF 'PASS XXXX' from 172.16.0.1
ftp-child [19569] <11/26-12:43:14> TECH-DBG from Server-PI (3): '230
User USERNAME logged in.'
ftp-child [19569] <11/26-12:43:14> USER-INF 'PWD' from 172.16.0.1
ftp-child [19569] <11/26-12:43:14> TECH-DBG from Server-PI (3): '257
"/USERNAME" is current directory.'
ftp-child [19569] <11/26-12:43:14> USER-INF 'SYST' from 172.16.0.1
ftp-child [19569] <11/26-12:43:14> TECH-DBG from Server-PI (3): '215
SERVERSYSTEM'
ftp-child [19569] <11/26-12:43:20> USER-INF 'PORT 172.16.0.1:4568' from
172.16.0.1
ftp-child [19569] <11/26-12:43:20> USER-INF 'LIST' from 172.16.0.1
ftp-child [19569] <11/26-12:43:20> TECH-INF 'PORT 10.0.0.254:54975' for
172.16.0.1
ftp-child [19569] <11/26-12:43:20> TECH-DBG from Server-PI (3): '200
PORT command successful.'
ftp-child [19569] <11/26-12:43:20> TECH-ERR can't connect Cli-Data for
172.16.0.1
ftp-child [19569] <11/26-12:43:50> USER-INF closing connect from
172.16.0.1 after 36 secs - read 0/0, sent 0/0 byte/sec

Has anybody experienced something similar? How can I or the admin of the
delegate-proxy solve this? This has also happened to me with another
proxy on the other side, unfortunately they did not wanna tell me what
technology they use...

Greetings,

Ralf Ronneburger





--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

Prev by Date: [suse-security] Linux Pam 8.2
Next by Date: Re: [suse-security] Curious response
Previous by thread: [suse-security] Linux Pam 8.2
Next by thread: [suse-security] free sms messages
Index(es):
- Date
- Thread