Hi, I would like to propose a patch for ftp-proxy. This patch implement an option concerning specific timeout (connect_timeout). It add an option for setting connect_timeout variable while starting ftp-proxy (this variable is currently set to 30 in code). Setting this variable to another value can solve many troubles with some ftp server:
ex: - There are some public ftp servers missconfigurated who use ident protocol and wait 30 seconds on ident port before sending banner. With the default connect_timeout value, it is not possible to connect to theses servers with fw filtering ident port. With a higher value, it will succeed - It can be also usefull to change these value and set it to a lower value in order to drop these kind of servers quickly. That's why I think adding a knob can be usefull. What do you thing about this idea ? Other people should have had troubles with the default value. Kind regards, Tiery ----- diff -u -p -r -r ftp-proxy.orig/ftp-proxy.8 ftp-proxy/ftp-proxy.8 --- ftp-proxy.orig/ftp-proxy.8 Tue Jan 5 11:31:39 2010 +++ ftp-proxy/ftp-proxy.8 Tue Jan 5 16:41:34 2010 @@ -26,6 +26,7 @@ .Op Fl 6Adrv .Op Fl a Ar address .Op Fl b Ar address +.Op Fl c Ar connect_timeout .Op Fl D Ar level .Op Fl m Ar maxsessions .Op Fl P Ar port @@ -95,6 +96,9 @@ connection to a server. .It Fl b Ar address Address where the proxy will listen for redirected control connections. The default is 127.0.0.1, or ::1 in IPv6 mode. +.It Fl c Ar connect_timeout +Number of seconds that the connection will wait before +assuming that the server is down. The default is 30 seconds. .It Fl D Ar level Debug level, ranging from 0 to 7. Higher is more verbose. Only in ftp-proxy: ftp-proxy.8.orig diff -u -p -r -r ftp-proxy.orig/ftp-proxy.c ftp-proxy/ftp-proxy.c --- ftp-proxy.orig/ftp-proxy.c Tue Jan 5 11:31:39 2010 +++ ftp-proxy/ftp-proxy.c Tue Jan 5 16:49:21 2010 @@ -44,7 +44,6 @@ #include "filter.h" -#define CONNECT_TIMEOUT 30 #define MIN_PORT 1024 #define MAX_LINE 500 #define MAX_LOGLINE 300 @@ -115,8 +114,8 @@ char ntop_buf[NTOP_BUFS][INET6_ADDRSTRLEN]; struct sockaddr_storage fixed_server_ss, fixed_proxy_ss; char *fixed_server, *fixed_server_port, *fixed_proxy, *listen_ip, *listen_port, *qname, *tagname; -int anonymous_only, daemonize, id_count, ipv6_mode, loglevel, max_sessions, - rfc_mode, session_count, timeout, verbose; +int anonymous_only, connect_timeout, daemonize, id_count, ipv6_mode, loglevel, + max_sessions, rfc_mode, session_count, timeout, verbose; extern char *__progname; void @@ -506,7 +505,7 @@ handle_connection(const int listen_fd, short event, vo logmsg(LOG_CRIT, "#%d bufferevent_new server failed", s->id); goto fail; } - bufferevent_settimeout(s->server_bufev, CONNECT_TIMEOUT, 0); + bufferevent_settimeout(s->server_bufev, connect_timeout, 0); bufferevent_enable(s->server_bufev, EV_READ | EV_TIMEOUT); return; @@ -592,6 +591,7 @@ main(int argc, char *argv[]) /* Defaults. */ anonymous_only = 0; + connect_timeout = 30; daemonize = 1; fixed_proxy = NULL; fixed_server = NULL; @@ -611,7 +611,7 @@ main(int argc, char *argv[]) id_count = 1; session_count = 0; - while ((ch = getopt(argc, argv, "6Aa:b:D:dm:P:p:q:R:rT:t:v")) != -1) { + while ((ch = getopt(argc, argv, "6Aa:b:c:D:dm:P:p:q:R:rT:t:v")) != -1) { switch (ch) { case '6': ipv6_mode = 1; @@ -625,6 +625,11 @@ main(int argc, char *argv[]) case 'b': listen_ip = optarg; break; + case 'c': + connect_timeout = strtonum(optarg, 0, 86400, &errstr); + if (errstr) + errx(1, "connect timeout %s", errstr); + break; case 'D': loglevel = strtonum(optarg, LOG_EMERG, LOG_DEBUG, &errstr); @@ -1119,8 +1124,9 @@ void usage(void) { fprintf(stderr, "usage: %s [-6Adrv] [-a address] [-b address]" - " [-D level] [-m maxsessions]\n [-P port]" - " [-p port] [-q queue] [-R address] [-T tag]\n" - " [-t timeout]\n", __progname); + " [-c connect_timeout] \n [-D level]" + " [-m maxsessions] [-P port] [-p port] [-q queue]\n" + " [-R address] [-T tag] [-t timeout]\n" + , __progname); exit(1); } Only in ftp-proxy: ftp-proxy.c.orig