SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0000290: ftp proxy not working . - MantisBT
MantisBT - Endian Firewall
View Issue Details
0000290Endian FirewallApplication Level Proxiespublic2007-11-02 07:052008-04-23 17:41
clubbing80s 
ra-endian 
normalmajoralways
closedfixed 
2.2-beta1 
2.2-beta42.2-beta4 
0000290: ftp proxy not working .
Hi
The ftp proxy is not working correctly. I tested with firfox and ncftp.
When both are configured to use the proxy 21 the following error occurred
"501 Proxy unable to contact ftp server"
when both are configured to use the proxy 2121 the following error occurred
ff "reported 502 Command not implemented"
nctftp "Could not open host ftp.is.co.za: invalid reply from server.
        Could not read reply from control connection: Connection reset by peer"

I have attached frox.log for my testing period
No tags attached.
has duplicate 0000538closed ra-endian FTP Antivirus not working 
related to 0000262closed ra-endian 421 Proxy tried to loop error when ftp proxy is enabled 
log frox.log (37,723) 2007-11-02 07:05
https://bugs.endian.com/file_download.php?file_id=55&type=bug
? frox.conf (870) 2007-12-07 15:13
https://bugs.endian.com/file_download.php?file_id=63&type=bug
jpg system_acess_4frox_conf.JPG (80,814) 2007-12-07 15:16
https://bugs.endian.com/file_download.php?file_id=64&type=bug
jpg
Issue History
2007-11-02 07:05clubbing80sNew Issue
2007-11-02 07:05clubbing80sFile Added: frox.log
2007-12-06 19:58CIURINote Added: 0000684
2007-12-07 10:58peter-endianNote Added: 0000685
2007-12-07 15:13CIURINote Added: 0000686
2007-12-07 15:13CIURIFile Added: frox.conf
2007-12-07 15:16CIURIFile Added: system_acess_4frox_conf.JPG
2007-12-12 09:30clubbing80sNote Added: 0000694
2008-02-04 14:42ra-endianRelationship addedhas duplicate 0000538
2008-02-04 14:42ra-endianTarget Version => 2.2-rc1
2008-02-04 15:07peter-endianRelationship addedrelated to 0000262
2008-02-28 14:31ra-endianStatusnew => assigned
2008-02-28 14:31ra-endianAssigned To => ra-endian
2008-02-28 14:31ra-endianStatusassigned => confirmed
2008-02-28 14:47ra-endianStatusconfirmed => resolved
2008-02-28 14:47ra-endianFixed in Version => 2.2-rc1
2008-02-28 14:47ra-endianResolutionopen => fixed
2008-02-28 14:47ra-endianNote Added: 0000939
2008-03-04 14:42ra-endianTarget Version2.2-rc1 => 2.2-beta4
2008-03-04 14:43ra-endianFixed in Version2.2-rc1 => 2.2-beta4
2008-04-10 07:10AnonymousStatusresolved => feedback
2008-04-10 07:10AnonymousResolutionfixed => reopened
2008-04-10 07:10AnonymousNote Added: 0000981
2008-04-10 07:11AnonymousNote Edited: 0000981
2008-04-10 07:13AnonymousNote Edited: 0000981
2008-04-22 13:25ra-endianStatusfeedback => resolved
2008-04-22 13:25ra-endianResolutionreopened => fixed
2008-04-23 17:41peter-endianStatusresolved => closed

Notes
(0000684)
CIURI   
2007-12-06 19:58   
Got the same problem but the log dosent tell me anything.Tried to recompile from scratch a version of frox no luck still not working.I think thats a bug from frox.I will try to run frox from other linux distro to see if its doing the same thing.
(0000685)
peter-endian   
2007-12-07 10:58   
well, we try to eliminate frox and to use squid instead for ftp proxying
so far we have some troubles with some ftp authentication possibilities
(0000686)
CIURI   
2007-12-07 15:13   
I got it working today ,first you must set from system access on the web interface
to let the traffic pass to the system and then the port 2121 opens and you are able to access frox.

The second problem is that the virus scan dosent work at all.All files are virus infected :).Thats stupid because I tried to scan with "/usr/bin/clamdscan" the file downloaded without the virus scan and the file is clean.The ftp link I tested is from hp.com where virus infected files cannot be :).

Whit out the virus scan option in the config file it works perfectly.

Only Firefox and Opera dosent like the ftp proxy.You will get timmed out when you try to download something from the ftp. Tried all configs possible whiteout
luck.In IE 7 it works whiteout problems.

I recompiled frox and activated the cache option and it works ok.
(0000694)
clubbing80s   
2007-12-12 09:30   
Hi CIURI what source did you use to compile from ? a source rpm if so which one, or the raw source ?
Thanks for your input ..
(0000939)
ra-endian   
2008-02-28 14:47   
the input firewall drops the connection to the frox.

Please change this line
from:
udp,,2121,on,,GREEN&BLUE&ORANGE&VPN:ANY,off,FTP,ACCEPT,,

to:
tcp,,2121,on,,GREEN&BLUE&ORANGE&VPN:ANY,off,FTP,ACCEPT,,

in the file /etc/firewall/inputfw/frox.conf.tmpl

and restart the frox with the command "restartfrox"
(0000981)
Anonymous   
2008-04-10 07:10   
(edited on: 2008-04-10 07:13)
Hi,

changed the
from:
udp,,2121,on,,GREEN&BLUE&ORANGE&VPN:ANY,off,FTP,ACCEPT,,

to:
tcp,,2121,on,,GREEN&BLUE&ORANGE&VPN:ANY,off,FTP,ACCEPT,,

and on system access added a new rule

1 <ANY> GREEN BLUE TCP/2121 ALLOW FTPFROX
2 <ANY> GREEN BLUE TCP/21 ALLOW FTPFROX

Now i got no deny messages in firewall log.

Only
Apr 10 09:04:25 INPUTFW:ACCEPT:1 br0 KEY_TCP 192.168.x.x 1482 macaddress 172.16.x.30 2121

but i cant use an FTP Programm like Filezilla.. tryed Proxy 172.16.x.30 with ports 8080 , 2121 and 21.

Still no luck with FTP Transfer.

Endian Version is 2.2 beta 3.

I'm using the Endian in Gateway Mode.
Working as a Proxy, AV Filter and Content Filter.