Hi,
I would like to propose a patch for ftp-proxy. This patch implement an
option concerning specific timeout (connect_timeout).
It add an option for setting connect_timeout variable while starting
ftp-proxy (this variable is currently set to 30 in code). Setting this
variable to another value can solve many troubles with some ftp server:
ex:
- There are some public ftp servers missconfigurated who use ident protocol
and wait 30 seconds on ident port before sending banner.
With the default connect_timeout value, it is not possible to connect to
theses servers with fw filtering ident port. With a higher value, it will
succeed
- It can be also usefull to change these value and set it to a lower value
in order to drop these kind of servers quickly.
That's why I think adding a knob can be usefull.
What do you thing about this idea ? Other people should have had troubles
with the default value.
Kind regards,
Tiery
-
diff -u -p -r -r ftp-proxy.orig/ftp-proxy.8 ftp-proxy/ftp-proxy.8
--- ftp-proxy.orig/ftp-proxy.8Tue Jan 5 11:31:39 2010
+++ ftp-proxy/ftp-proxy.8Tue Jan 5 16:41:34 2010
@@ -26,6 +26,7 @@
.Op Fl 6Adrv
.Op Fl a Ar address
.Op Fl b Ar address
+.Op Fl c Ar connect_timeout
.Op Fl D Ar level
.Op Fl m Ar maxsessions
.Op Fl P Ar port
@@ -95,6 +96,9 @@ connection to a server.
.It Fl b Ar address
Address where the proxy will listen for redirected control connections.
The default is 127.0.0.1, or ::1 in IPv6 mode.
+.It Fl c Ar connect_timeout
+Number of seconds that the connection will wait before
+assuming that the server is down. The default is 30 seconds.
.It Fl D Ar level
Debug level, ranging from 0 to 7.
Higher is more verbose.
Only in ftp-proxy: ftp-proxy.8.orig
diff -u -p -r -r ftp-proxy.orig/ftp-proxy.c ftp-proxy/ftp-proxy.c
--- ftp-proxy.orig/ftp-proxy.cTue Jan 5 11:31:39 2010
+++ ftp-proxy/ftp-proxy.cTue Jan 5 16:49:21 2010
@@ -44,7 +44,6 @@
#include filter.h
-#define CONNECT_TIMEOUT30
#define MIN_PORT1024
#define MAX_LINE500
#define MAX_LOGLINE300
@@ -115,8 +114,8 @@ char ntop_buf[NTOP_BUFS][INET6_ADDRSTRLEN];
struct sockaddr_storage fixed_server_ss, fixed_proxy_ss;
char *fixed_server, *fixed_server_port, *fixed_proxy, *listen_ip,
*listen_port,
*qname, *tagname;
-int anonymous_only, daemonize, id_count, ipv6_mode, loglevel, max_sessions,
-rfc_mode, session_count, timeout, verbose;
+int anonymous_only, connect_timeout, daemonize, id_count, ipv6_mode,
loglevel,
+max_sessions, rfc_mode, session_count, timeout, verbose;
extern char *__progname;
void
@@ -506,7 +505,7 @@ handle_connection(const int listen_fd, short event, vo
logmsg(LOG_CRIT, #%d bufferevent_new server failed, s-id);
goto fail;
}
-bufferevent_settimeout(s-server_bufev, CONNECT_TIMEOUT, 0);
+bufferevent_settimeout(s-server_bufev, connect_timeout, 0);
bufferevent_enable(s-server_bufev, EV_READ | EV_TIMEOUT);
return;
@@ -592,6 +591,7 @@ main(int argc, char *argv[])
/* Defaults. */
anonymous_only= 0;
+connect_timeout= 30;
daemonize= 1;
fixed_proxy= NULL;
fixed_server= NULL;
@@ -611,7 +611,7 @@ main(int argc, char *argv[])
id_count= 1;
session_count= 0;
-while ((ch = getopt(argc, argv, 6Aa:b:D:dm:P:p:q:R:rT:t:v)) != -1) {
+while ((ch = getopt(argc, argv, 6Aa:b:c:D:dm:P:p:q:R:rT:t:v)) != -1)
{
switch (ch) {
case '6':
ipv6_mode = 1;
@@ -625,6 +625,11 @@ main(int argc, char *argv[])
case 'b':
listen_ip = optarg;
break;
+case 'c':
+connect_timeout = strtonum(optarg, 0, 86400, errstr);
+if (errstr)
+errx(1, connect timeout %s, errstr);
+break;
case 'D':
loglevel = strtonum(optarg, LOG_EMERG, LOG_DEBUG,
errstr);
@@ -1119,8 +1124,9 @@ void
usage(void)
{
fprintf(stderr, usage: %s [-6Adrv] [-a address] [-b address]
- [-D level] [-m maxsessions]\n [-P port]
- [-p port] [-q queue] [-R address] [-T tag]\n
- [-t timeout]\n, __progname);
+ [-c connect_timeout] \n [-D level]
+ [-m maxsessions] [-P port] [-p port] [-q queue]\n
+ [-R address] [-T tag] [-t timeout]\n
+, __progname);
exit(1);
}
Only in ftp-proxy: ftp-proxy.c.orig