Bug#587655: FTP proxy frox uses only a few different local ports when started from inetd

Wed, 30 Jun 2010 09:39:24 -0700 

Package: frox
Version: 0.7.18-4

We are running frox from xinetd.
In this case, frox uses only a few different local ports for outgoing
TCP connections.
This is caused by a change in frox version 0.7.5:
 * Moved srand() to main.c to prevent reseeding on every call of
bind_me().
Now srand() is never called when frox is run in inetd mode.
srand() is called from new_connection() which is only called from
run_daemon() but not from run_with_inetd().
I propose to move srand() into main(), where it is called once for both
run modes.
 
This bug beats us if multiple FTP connections to the same destination
are started one after another with a short delay of only a few seconds. 
In this case frox uses the same local port for different connections.
This confuses the remote server.
It accepts the first connection.
But for the second connection there is a delay of about 90 seconds
before we get a syn ack.
I think this occurs, because the remote server waits until the TIME_WAIT
of the previous connection is timed out.
 
We are running frox on Debian GNU/Linux 5.0.4 with kernel
2.6.26-2-686-bigmem.
Frox checks in bind_me(), if bind() fails with EADDRINUSE.
This check should prevent duplicate local ports.
But this error never occurs.
Apparently, a current kernel allows to bind to the same local port which
was in use only a few seconds ago.

 

Example output from tcpdump (flags removed fror brevity)

tcpdump -ni eth0 'tcp[tcpflags] & tcp-syn != 0' and src host
1xx.91.129.7 and dst port 21

13:11:40.055675 IP 1xx.91.129.7.49383 > 2xx.158.111.3.21: S
13:12:03.722709 IP 1xx.91.129.7.49383 > 2xx.6.198.99.21: S
13:15:04.697885 IP 1xx.91.129.7.40886 > 1xx.95.226.140.21: S
13:15:09.211815 IP 1xx.91.129.7.49383 > 1xx.38.3.180.21: S
13:16:00.117402 IP 1xx.91.129.7.47281 > 1xx.38.3.174.21: S
13:16:21.281711 IP 1xx.91.129.7.48335 > 1xx.113.141.121.21: S
13:16:37.439948 IP 1xx.91.129.7.49383 > 1xx.95.226.140.21: S
13:19:11.673447 IP 1xx.91.129.7.49383 > 2xx.48.100.206.21: S
13:19:25.561600 IP 1xx.91.129.7.40886 > 1xx.96.8.105.21: S
13:21:18.148914 IP 1xx.91.129.7.40886 > 2xx.86.206.152.21: S
13:21:40.052250 IP 1xx.91.129.7.40886 > 2xx.158.111.3.21: S
13:22:03.598634 IP 1xx.91.129.7.40886 > 2xx.6.198.99.21: S
13:25:04.745362 IP 1xx.91.129.7.40886 > 1xx.95.226.140.21: S

Reply via email to