diff options
author | Kjell Wooding <kjell@cvs.openbsd.org> | 2000-04-12 21:32:40 +0000 |
---|---|---|
committer | Kjell Wooding <kjell@cvs.openbsd.org> | 2000-04-12 21:32:40 +0000 |
commit | 6b5ac2f2b5fe98e3a41fd70108b08b9231d4790a (patch) | |
tree | d7ab77b36ff66cdd25f9214aa3f7fb0eca098d7c /sys | |
parent | e2ce5f8ca32d5fd59097b9068f6fe1f51d229da6 (diff) |
FTP Proxy changes introduced in 3.3.12 were too agressive. Tone down
a bit. posted to ipf list by darrenr@pobox.com
Diffstat (limited to 'sys')
-rw-r--r-- | sys/netinet/ip_ftp_pxy.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/sys/netinet/ip_ftp_pxy.c b/sys/netinet/ip_ftp_pxy.c index ab947e72aa8..755bbe4efca 100644 --- a/sys/netinet/ip_ftp_pxy.c +++ b/sys/netinet/ip_ftp_pxy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ftp_pxy.c,v 1.9 2000/04/05 05:35:27 kjell Exp $ */ +/* $OpenBSD: ip_ftp_pxy.c,v 1.10 2000/04/12 21:32:39 kjell Exp $ */ /* * Simple FTP transparent proxy for in-kernel use. For use with the NAT @@ -17,9 +17,7 @@ extern kmutex_t ipf_rw; #define IPF_MAXPORTLEN 30 #define IPF_MIN227LEN 39 #define IPF_MAX227LEN 51 -#define IPF_FTPBUFSZ MAX(68,IPF_MAX227LEN) /* This *MUST* be >= 51! */ - /* 68 is chosen as the minimum datagram size for */ - /* an unfragmented packet */ +#define IPF_FTPBUFSZ MAX(96,IPF_MAX227LEN) /* This *MUST* be >= 51! */ int ippr_ftp_init __P((void)); @@ -208,6 +206,7 @@ nat_t *nat; */ if (ippr_ftp_complete(portbuf, dlen)) return 0; + ftp = nat->nat_aps->aps_data; switch (ftp->ftp_passok) { @@ -433,15 +432,14 @@ nat_t *nat; * Don't put the switch in one common function because one side * should only see numeric responses and the other commands. */ - if (ippr_ftp_complete(portbuf, dlen)) - return 0; + ftp = nat->nat_aps->aps_data; switch (ftp->ftp_passok) { case 1 : if (!strncmp(portbuf, "331", 3)) ftp->ftp_passok = 2; - else if (!strncmp(portbuf, "520", 3)) + else if (!strncmp(portbuf, "530", 3)) ftp->ftp_passok = 0; break; case 3 : @@ -452,8 +450,9 @@ nat_t *nat; break; } - if (ftp->ftp_passok != 4) + if (ippr_ftp_complete(portbuf, dlen) || (ftp->ftp_passok != 4)) return 0; + /* * Check for PASV reply message. */ |