|
Hello,
Tony Clarke wrote:
Hi,
To get active ftp (in both directions) working with ipvs patch for
2.2.19,
I patched ip_masq_ftp.c with the following and loaded with in_ports=21.
Anyone like to cast an eye over it?
Excuse my ignorance, but could you tell me what exactly didn't work before? As
far as I can see, you've copied some of the old cruft in ip_masq_ftp.c. Could
you exactly explain what this patch does what a loaded ip_masq_ftp.o doesn't
with regard to IPVS?
This masquerades the port and ip correct. With just in_ports=21 only
the ip gets masqueraded.
If it's about a correct masquerading issue, why is there so much code? I'm
confused, sorry. I hope you can me so I can wipe of the dust on my brain cells.
+#ifdef CONFIG_IP_MASQUERADE_VS
+ if (ms->app_data == &ipvs_ftp_pasv) {
Ok, I guess this has something to do with it. How do the packets get flagged?
+ n_ms = ip_masq_out_get(iph->protocol,
+ htonl(from), htons(port),
+ ms->daddr, 0);
+ if (!n_ms) {
+ n_ms = ip_masq_new(IPPROTO_TCP,
+ maddr, htons(port),
+ htonl(from), htons(port),
+ ms->daddr, 0,
+ IP_MASQ_F_NO_DPORT);
+
+ if (n_ms==NULL)
+ return 0;
+ ip_masq_control_add(n_ms, ms);
I guess this is the part where it didn't work for you, right?
+ }
+
+ /*
+ * Replace the old passive address with the new one
+ */
+ from = ntohl(n_ms->maddr);
+ port = ntohs(n_ms->mport);
+ sprintf(buf,"%d,%d,%d,%d,%d,%d",
+ from>>24&255,from>>16&255,from>>8&255,from&255,
+ port>>8&255,port&255);
+ buf_len = strlen(buf);
Check out the NIPQUAD makro.
I'm awfully sorry for not understanding what you've done here. Maybe our local
guru
Julian will see the missing part right away and we can all live happily ever
after.
Best regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc
|
