Hi,
I would like to propose a patch for ftp-proxy. This patch implement an
option concerning specific timeout (connect_timeout).
It add an option for setting connect_timeout variable while starting
ftp-proxy (this variable is currently set to 30 in code). Setting this
variable to another value can solve many troubles with some ftp server:
ex:
- There are some public ftp servers missconfigurated who use ident protocol
and wait 30 seconds on ident port before sending banner.
With the default connect_timeout value, it is not possible to connect to
theses servers with fw filtering ident port. With a higher value, it will
succeed
- It can be also usefull to change these value and set it to a lower value
in order to drop these kind of servers quickly.
That's why I think adding a knob can be usefull.
What do you thing about this idea ? Other people should have had troubles
with the default value.
Kind regards,
Tiery
-----
diff -u -p -r -r ftp-proxy.orig/ftp-proxy.8 ftp-proxy/ftp-proxy.8
--- ftp-proxy.orig/ftp-proxy.8 Tue Jan 5 11:31:39 2010
+++ ftp-proxy/ftp-proxy.8 Tue Jan 5 16:41:34 2010
@@ -26,6 +26,7 @@
.Op Fl 6Adrv
.Op Fl a Ar address
.Op Fl b Ar address
+.Op Fl c Ar connect_timeout
.Op Fl D Ar level
.Op Fl m Ar maxsessions
.Op Fl P Ar port
@@ -95,6 +96,9 @@ connection to a server.
.It Fl b Ar address
Address where the proxy will listen for redirected control connections.
The default is 127.0.0.1, or ::1 in IPv6 mode.
+.It Fl c Ar connect_timeout
+Number of seconds that the connection will wait before
+assuming that the server is down. The default is 30 seconds.
.It Fl D Ar level
Debug level, ranging from 0 to 7.
Higher is more verbose.
Only in ftp-proxy: ftp-proxy.8.orig
diff -u -p -r -r ftp-proxy.orig/ftp-proxy.c ftp-proxy/ftp-proxy.c
--- ftp-proxy.orig/ftp-proxy.c Tue Jan 5 11:31:39 2010
+++ ftp-proxy/ftp-proxy.c Tue Jan 5 16:49:21 2010
@@ -44,7 +44,6 @@
#include "filter.h"
-#define CONNECT_TIMEOUT 30
#define MIN_PORT 1024
#define MAX_LINE 500
#define MAX_LOGLINE 300
@@ -115,8 +114,8 @@ char ntop_buf[NTOP_BUFS][INET6_ADDRSTRLEN];
struct sockaddr_storage fixed_server_ss, fixed_proxy_ss;
char *fixed_server, *fixed_server_port, *fixed_proxy, *listen_ip,
*listen_port,
*qname, *tagname;
-int anonymous_only, daemonize, id_count, ipv6_mode, loglevel, max_sessions,
- rfc_mode, session_count, timeout, verbose;
+int anonymous_only, connect_timeout, daemonize, id_count, ipv6_mode,
loglevel,
+ max_sessions, rfc_mode, session_count, timeout, verbose;
extern char *__progname;
void
@@ -506,7 +505,7 @@ handle_connection(const int listen_fd, short event, vo
logmsg(LOG_CRIT, "#%d bufferevent_new server failed", s->id);
goto fail;
}
- bufferevent_settimeout(s->server_bufev, CONNECT_TIMEOUT, 0);
+ bufferevent_settimeout(s->server_bufev, connect_timeout, 0);
bufferevent_enable(s->server_bufev, EV_READ | EV_TIMEOUT);
return;
@@ -592,6 +591,7 @@ main(int argc, char *argv[])
/* Defaults. */
anonymous_only = 0;
+ connect_timeout = 30;
daemonize = 1;
fixed_proxy = NULL;
fixed_server = NULL;
@@ -611,7 +611,7 @@ main(int argc, char *argv[])
id_count = 1;
session_count = 0;
- while ((ch = getopt(argc, argv, "6Aa:b:D:dm:P:p:q:R:rT:t:v")) != -1) {
+ while ((ch = getopt(argc, argv, "6Aa:b:c:D:dm:P:p:q:R:rT:t:v")) != -1)
{
switch (ch) {
case '6':
ipv6_mode = 1;
@@ -625,6 +625,11 @@ main(int argc, char *argv[])
case 'b':
listen_ip = optarg;
break;
+ case 'c':
+ connect_timeout = strtonum(optarg, 0, 86400, &errstr);
+ if (errstr)
+ errx(1, "connect timeout %s", errstr);
+ break;
case 'D':
loglevel = strtonum(optarg, LOG_EMERG, LOG_DEBUG,
&errstr);
@@ -1119,8 +1124,9 @@ void
usage(void)
{
fprintf(stderr, "usage: %s [-6Adrv] [-a address] [-b address]"
- " [-D level] [-m maxsessions]\n [-P port]"
- " [-p port] [-q queue] [-R address] [-T tag]\n"
- " [-t timeout]\n", __progname);
+ " [-c connect_timeout] \n [-D level]"
+ " [-m maxsessions] [-P port] [-p port] [-q queue]\n"
+ " [-R address] [-T tag] [-t timeout]\n"
+ , __progname);
exit(1);
}
Only in ftp-proxy: ftp-proxy.c.orig
