bugzilla-daemon at bugzilla.netfilter.org
2009-Feb-03 01:13 UTC
[Bug 574] New: nf_conntrack_ftp.c ignores RFC 1123 regarding parentheses in FTP passive mode message 227
http://bugzilla.netfilter.org/show_bug.cgi?id=574
Summary: nf_conntrack_ftp.c ignores RFC 1123 regarding
parentheses in FTP passive mode message 227
Product: netfilter/iptables
Version: linux-2.6.x
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: ip_conntrack
AssignedTo: laforge at netfilter.org
ReportedBy: mpost at novell.com
/net/netfilter/nf_conntrack_ftp.c specifically checks for parentheses
surrounding the IP address and port numbers in the FTP server 227 message.
This results in "hung" FTP sessions when trying to use passive mode
with FTP
servers that do not use parentheses in their 227 response. This is the case
with IBM's FTP server for z/VM 5.x
RFC 1123 says:
The format of the 227 reply to a PASV command is not well standardized. In
particular, an FTP client cannot assume that the parentheses shown on page 40
of RFC-959 will be present (and in fact, Figure 3 on page 43 omits them).
Therefore, a User-FTP program that interprets the PASV reply must scan the
reply for the first digit of the host and port numbers.
While the RFC was intended to apply to FTP clients interpreting messages, it
should also be applied to the nf_conntrack_ftp kernel module as well, since it
is essentially performing the same function, but on behalf of more than one
user.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at bugzilla.netfilter.org
2009-Feb-11 02:04 UTC
[Bug 574] nf_conntrack_ftp.c ignores RFC 1123 regarding parentheses in FTP passive mode message 227
http://bugzilla.netfilter.org/show_bug.cgi?id=574 ------- Comment #1 from mpost at novell.com 2009-02-11 03:04 ------- It's been a week now. Can somebody please give me an update? Thanks. -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at bugzilla.netfilter.org
2009-Feb-11 10:32 UTC
[Bug 574] nf_conntrack_ftp.c ignores RFC 1123 regarding parentheses in FTP passive mode message 227
http://bugzilla.netfilter.org/show_bug.cgi?id=574
laforge at netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|laforge at netfilter.org |kaber at trash.net
------- Comment #2 from laforge at netfilter.org 2009-02-11 11:32 -------
hi and sorry. I don't know how this bug was assigned to me, I am not doing
any
netfilter related work for some three years now. Will reassign to patrick, the
current maintainer
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
You are the assignee for the bug, or are watching the assignee.