[jira] Updated: (FTPSERVER-83) Allow configuring IP address for PASV response

[Clinton Foster (JIRA)]

     [ 
https://issues.apache.org/jira/browse/FTPSERVER-83?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Clinton Foster updated FTPSERVER-83:
------------------------------------

    Attachment: FTPSERVER-83_diffs.zip

These diffs are based on the pre-MINA code base from early January 07. I will 
provide updated diffs when I upgrade to the latest source code if these changes 
have not been incorporated into the code base by then.

> Allow configuring IP address for PASV response
> ----------------------------------------------
>
>                 Key: FTPSERVER-83
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-83
>             Project: FtpServer
>          Issue Type: Improvement
>          Components: Core
>            Reporter: Clinton Foster
>            Priority: Minor
>         Attachments: FTPSERVER-83_diffs.zip
>
>
> Currently there is no way to configure the IP address returned in response to 
> the PASV command. The config.data-connection.passive.address parameter allows 
> configuring the local network interface where data connections should be 
> accepted. But if the server is behind a firewall, the address it returns to 
> the client must be an external address, not a local address like 10.10.1.2.
> The current code will only work with firewalls that are smart enough to sniff 
> the control connection and automatically rewrite the correct external address 
> in PASV responses. But it won't work if the control connection is running 
> over SSL. To handle the SSL case (and the unsophisticated firewall case) a 
> new configuration parameter is needed. I would suggest calling it 
> config.data-connection.passive.external-address.
> Ideally, the server should notice if the client's control connection came 
> from a local address, and if so return the local address instead of the 
> external address. This allows local clients to make passive data connections 
> to the server even if the external address is not resolvable for them. JDK 
> 1.4 provides methods on InetAddress for making this determination, such as 
> isLinkLocalAddress().
> I am going to attach a patch for the pre-MINA code base from early January 
> (2007). When I update to the latest code base I can attach an updated patch 
> if this patch hasn't been incorporated by that time.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.