Thanks for your information, Michael.
Extremely helpful stuff.
Soundforge,
Please fix your site. It's simply bogus to force people who work
behind firewalls to jump through hoops in order to access the PCMCIA
sources. Open Source Code access should always be straightforward.
Especially for major projects, like PCMCIA!
Miles
"Michael H. Warfield" wrote:
>
> On Mon, Oct 25, 1999 at 09:28:36AM -0700, Miles Lane wrote:
> > Help!
>
> > I have been unable to connect to the new PCMCIA distribution
> > FTP site. I have checked with David Hinds and he says noone
> > else has reported any problems. I know basically nothing about
> > network protocols, so your help is greatly appreciated!
>
> I've noticed two problems with SourceForge.org.
>
> One is that they are connecting back on auth, looking for the
> ident service, when you first make a connection to them. If they can't
> connect to ident because you are behind a firewall, or aren't running
> auth, and they don't get a RST or some sort of ICMP unreachable back (maybe
> because you are behind a firewall that doesn't send them) they seem to have
> a ridiculous timeout before giving up on auth. It's like 5 or 10 minutes
> long! And you just sit and sit and sit there waiting for the blinken
> thing to come back to you with a prompt after connecting.
>
> I don't know the exact timeout, because every time I've tried to
> access it from behind any of my firewalls, I end up doing something else
> and checking back from time to time. Unfortunately, by the time I've
> noticed that the ident time-out has fired and I have a prompt, the 3
> minute idle timer has also fired and it has disconnected me. Interactive
> ftp from behind a firewall where ident has to time out is virtually
> useless with their site.
>
> Next problem occured when I tried to use fmirror to retrieve the
> files (wget won't work because wget doesn't support passive mode and I
> have to use passive mode through our firewalls). An attempt to mirror
> over the pcmcia directory from SourceForge went absolutely, positively,
> berzerk. I got the same directory listing scrolling over and over and over
> again when fmirror tried to determine what needed to be gotten.
>
> Discovered that it's a bug in the "list" operation at their end.
> Fmirror is configurable but the list command options default to -lgRa.
> Unfortunately, the list command at that end is broken for the "-a"
> option in combination with "-R" and recurses on "." repeating the same
> thing over and over again. Just try doing a "dir -lgRa" in any directory
> once you've connected to them, you'll see what I mean. The fix for that
> was to set the listing options to "-lgRA" and it no longer recursed on ".".
> Using "-A" instead of "-a" probably makes sense anyways. The only thing
> that will probably be broken is the mirrored modification time of the
> root directory of the mirror operation.
>
> So I got my work-around. If I have to connect to SourceForge
> I use fmirror to retrieve files so I don't have to deal with their broken
> ident timeout and I set the listing options to -lgRA to avoid the -a
> bug in the recursive listings. This way, I turn fmirror loose and come
> back 10 minutes later and it has patiently sat through the timeout and
> grabbed the files I've wanted as soon as it is permitted in.
>
> I hadn't complained to them or David, because I managed to figure
> out somewhat reasonable workarounds. I'm Cc'ing this to all of them as
> well, to let them know of my experience.
>
> They are also running a vulnerable version of ProFTP on that
> site. They're running ProFTP 1.2.0pre1 according to the banner and
> everything prior to 1.2.0pre6 had some pretty serious nasty buffer
> overflows and such. Someone is not keeping up with security advisories
> or upgrades. :-(
>
> Mike
> --
> Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
> (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
