> > But I wonder if it was not better to trigger just an event
> > before PasvIpAddr will be used that would allow the component
> > user to do his individual checks, what do you think is better?

Maybe both ?
Compute a PasvIpAddr and pass it as var parameter to an event which can then
change it at will.

Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html
--
[EMAIL PROTECTED]
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be


----- Original Message ----- 
From: "Arno Garrels" <[EMAIL PROTECTED]>
To: "ICS support mailing" <twsocket@elists.org>
Sent: Wednesday, October 25, 2006 2:10 PM
Subject: Re: [twsocket] FTP server, problem with property PasvIpAddr


> I need to check for the same subnet instead of
> private IPs, sometimes I'm too slow :)
>
> Arno Garrels wrote:
> > Arno Garrels wrote:
> >> Or modify the FTP server component in a way that
> >> PasvIpAddr can be set privately for a particular client
> >> depending on it's source IP (just an idea?).
> >
> > I need such an option as well. So I just changed the code
> > as mentioned above. New option ftpsNoPasvIpAddrInLan and
> > a function that checks whether the peer address is in a
> > private network or not.
> > But I wonder if it was not better to trigger just an event
> > before PasvIpAddr will be used that would allow the component
> > user to do his individual checks, what do you think is better?
> >
> > Currently I get the raw peer address in
> >
> > procedure TFtpCtrlSocket.Dup(newHSocket : TSocket);
> > var
> >     Len : Integer;
> > begin
> >     inherited Dup(newHSocket);
> > {$IFDEF CLR}
> >     if DesignMode then begin
> >         FPeerAddr := '';
> >         Exit;
> >     end;
> > {$ENDIF}
> >     //FPeerAddr := inherited GetPeerAddr;
> >     Len := SizeOf(TSockAddr);
> >     if WSocket_GetPeerName(newHSocket, FPeerSAddr, Len) = 0 then
> >         FPeerAddr := WSocket_inet_ntoa(FPeerSAddr.sin_addr)
> >     else begin
> >         SocketError('GetPeerName');
> >         Exit;
> >     end;
> > end;
> >
> > PeerSAddr is a new property, we need to get it just once.
> >
> >
> > function IsIpPrivate(saddr : TSockAddrIn): Boolean;
> > begin
> >     Result := (Byte(saddr.sin_addr.S_un_b.s_b1) = 10) or   // private
> > class A               (saddr.sin_addr.S_un_w.s_w1       = 4268) or //
> > private class B               (saddr.sin_addr.S_un_w.s_w1       =
> > 43200);  // private class C end;
> >
> >
> > {* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
> > * * * * *} procedure TFtpServer.CommandPASV(
> > ...
> >         else begin
> >             if (FPasvIpAddr = '') or
> >                ((ftpsNoPasvIpAddrInLan in FOptions) and
> >                IsIpPrivate(Client.PeerSAddr)) then
> >                 Answer := Format(msgPasvRemote,
> >                           [ord(IPAddr.S_un_b.s_b1),
> >                            ord(IPAddr.S_un_b.s_b2),
> >                            ord(IPAddr.S_un_b.s_b3),
> >                            ord(IPAddr.S_un_b.s_b4),
> >                            HiByte(DataPort),
> >                            LoByte(DataPort)])
> >             else begin
> > ...
> >
> >>
> >> ---
> >> Arno Garrels [TeamICS]
> >> http://www.overbyte.be/eng/overbyte/teamics.html
> >>
> >>
> >> Arnold FLUTEAUX wrote:
> >>> Ok, I understand that port 21 is an exception and the router
> >>> replaces automatically the private IP by the public IP.  It's not
> >>> the case for others
> >>> ports. OK.
> >>>
> >>> And for these others cases, we must use PASVIPAdress in which, we
> >>> set public
> >>> IP.
> >>>
> >>> So now, suppose that I've a server behind a router with IP public is
> >>> 194.206.244.150 for example and IP private would be 192.2.1.3.   I
> >>> set PASVIPAdress with 194.206.244.150 on port 1985 and I connect it
> >>> on from
> >>> outside lan. So it's OK.
> >>>
> >>> And now, if I want to connect it from inside LAN. So I connect it
> >>> with 192.2.1.3, always in passiv mode on 1985 port. But in this
> >>> case, it's not
> >>> good because the server response to PASV command the IP public
> >>> 194.206.244.150 and the client can't connect from inside to
> >>> 194.206.244.150.
> >>>
> >>> What can I do for this case ?
> >>>
> >>> Sorry it's difficult to explain that in English; I'm French !
> >>>
> >>>
> >>>
> >>> Arnold
> -- 
> To unsubscribe or change your settings for TWSocket mailing list
> please goto http://www.elists.org/mailman/listinfo/twsocket
> Visit our website at http://www.overbyte.be

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to