Cern proxy ftp URL fails, but anon ftp to same site works

Cern proxy ftp URL fails, but anon ftp to same site works

Post by Thomas Benjam » Sat, 22 Jul 1995 04:00:00



I am running CERN 3.0 on a HP800 in proxy mode.  From the proxy server
I can reach ftp.uu.net from the unix command line and download files.
Within netscape (either on the proxy or a separate client), pointing
to ftp://ftp.uu.net fails with the following message:

=====
Fatal Error 500

Can't Access Document: ftp://ftp.uu.net/.

Reason: FTP-server replies: Entering Passive Mode (192,48,96,9,12,175).

Reason: System call `NETWRITE' failed: No route to host.
=====

Diagnostic output (annotated) from httpd -v is listed below:

It appears there is a failed attempt to reach ftp.uu.net:3247
from the proxy (pandora).  This happens in PASV mode.

Next, there is an attempt to use PORT mode, which also fails.

The internet router ACLs for pandora allow outbound telnet, ftp,
and mail.  Outbound Tcp above 1024 is not allowed.  Inbound TCP
above 1024 is allowed for client ports.

Another Cern proxy host (Sun-SunOs 4.1.3) in our company succeeds
with ftp URL's.  The router ACLs are the same, save for the source
IP address, which is on the same class B subnet as my computer.  
The sys-admin is not curently unavilable to answer questions, and
he may not have compiled the proxy server.

Any suggestions?
Thanks. Tom Benjamin

=====
Default..... server type StandAlone (Port defined)
ServerType.. standalone (turning on forking)
Daemon...... Parsed address as port 80, inet 0.0.0.0
                                             ^^^^^^^          
                    should this be a real IP address?  (tom)

IP.......... Opened socket number 5
Daemon...... Master socket(), bind() and listen() all OK
PidFile..... /users/thomasb/build/WWW/Cern/WWW/server_root/httpd-pid
ServerLoop.. Unix standalone
Disabling... gc [caching not enabled either] #1
Gc.......... disabled altogether
No timeout.. not doing select()
Daemon...... accepting connection...
Accepted.... new socket 6
StandAlone.. Doing fork()
Child....... I'm alive
Linger...... no longer set by default
HTHandle.... fork() succeeded
Gc.......... disabled altogether
No timeout.. not doing select()
Daemon...... accepting connection...
TCP......... Peer name is `raven.austin.lockheed.com'
                           ^^^^^netscape client^^^^^ (tom)

Reading..... socket 6 from host 129.197.212.44
User-Agent.. Mozilla/1.1N (X11; I; SunOS 4.1.3 sun4)
HTSimplify.. `ftp://ftp.uu.net/' into
............ `ftp://ftp.uu.net/'
Pass........ rule matched "ftp://ftp.uu.net/" -> "ftp://ftp.uu.net/"
Passing..... "ftp://ftp.uu.net/"
AuthCheck... Translated path: "ftp://ftp.uu.net/" (method: GET)
AccessOk.... No protect rule for proxy access
Forwarding.. URL `ftp://ftp.uu.net/'
AA.......... check returned 200
Translated.. "ftp://ftp.uu.net/"
SysInfo..... httpd means user (httpd:*:33008:33002:...)
SysInfo..... httpd means group (httpd:*:33002:...)
Doing... setgid(33002) and setuid(33008)
No caching.. enabled
FindAnchor.. 40020d40 with hash 84 and address `ftp://ftp.uu.net/' created
HTAccess.... Loading document ftp://ftp.uu.net/
FTP......... Looking for `ftp://ftp.uu.net/'
HTDoConnect. Looking up `ftp.uu.net'
HostCache... Adding single-homed host `ftp.uu.net'
ParseInet... Parsed address as port 21 on 192.48.96.9
HTDoConnect. Created socket number 7
FTP......... Control connected, socket 7
FTP Rx...... 220 ftp.UU.NET FTP server (Version wu-2.4(3) Fri Nov 25 16:08:40 EST
1994) ready.
FTP Tx...... USER anonymous
FTP Rx...... 331 Guest login ok, send your complete e-mail address as password.
FTP Tx...... PASS ********
FTP Rx...... 230-
230-                Welcome to the UUNET archive.
[ remainder of UUNET Welcome message deleted (tom)]

FTP......... Logged in at `ftp.uu.net' as `anonymous'
FTP Tx...... PASV
FTP Rx...... 227 Entering Passive Mode (192,48,96,9,12,175)
FTP......... Server is listening on port 3247
HTDoConnect. Looking up `192.48.96.9'
ParseInet... Parsed address as port 3247 on 192.48.96.9
HTDoConnect. Created socket number 8
TCP errno... 242 after call to connect() failed.
............ No route to host
Message..... Handle: 0  Code:   0       Message: `System call `%s' failed: '
Severity: 1    Parameter: `System call `connect' failed: No route to host'
Where: `connect'
FTP......... Data connection failed using PASV, let's try PORT instead
HTListen.... Created socket number 8
FTP......... This host is `129.197.213.4'
FTP......... Bound to port 4861 on 129.197.213.4
FTP......... Data socket number 8 listening
FTP Tx...... PORT 129,197,213,4,18,253
FTP......... Error sending command
TCP errno... 242 after call to NETWRITE() failed.
............ No route to host
Message..... Handle: 0  Code:   0       Message: `System call `%s' failed: '
Severity: 1    Parameter: `System call `NETWRITE' failed: No route to host'
Where: `NETWRITE'
Message..... Handle: 1  Code:   0       Message: `FTP-server replies'   Severity: 1
Parameter: `Entering Passive Mode (192,48,96,9,12,175)'  Where: `HTLoadFTP'
FTP......... Aborting ctrl socket 7
FTP......... Closing data socket 8
Message..... Handle: 2  Code: 500       Message: `Can't Access Document'
Severity: 1    Parameter: `ftp://ftp.uu.net/'  Where: `HTLoadFTP'
HTError..... Generating error message.
HTTP header. length: 152 bytes
............ Headers for the client
HTTP/1.0 500 Internal error
MIME-Version: 1.0
Server: CERN/3.0
Date: Friday, 21-Jul-95 22:46:28 GMT
Content-Type: text/html
Content-Length: 389

............ End of headers
HTAccess: Can't access `ftp://ftp.uu.net/'
Socket...... 6 disconnected by peer
Child....... exiting with status 0
Parent...... child pid 23820 has finished
Gc.......... disabled altogether
No timeout.. not doing select()
Daemon...... accepting connection...
--

Computer Systems Support     512.386.2887
Lockheed Austin Division     Org. 5T-31, Bldg 310, 6800 Burleson Rd.
                             Austin, TX  78744

 
 
 

1. how do I use the cern ftp proxy with non web ftp clients?

I have a working cern server which does all the right proxying/caching
when accessed through a web browser client.

I can't however make ordinary ftp clients ( such as ws_ftp, ftptool)
which support proxy servers connect to ftp sites through the cern
proxy.

Am I attempting to use the ftp proxy in a way it wasnt intended to or
is there some technical mumble that I need to understand.
opinions expressed are exclusively  |  Sunil Gupta: software engineer |


or its associated companies.

2. ActiveX Hijinks, was Re: Summary of OS Wars (My Opinion)

3. UnixWare FTP sites for my FTP sites FAQ?

4. Ahh Another SCSI Prob

5. FTP: New Linux FTP site: ftp.kernel.org

6. IRQ setting for SB16

7. ftp from netscape or ie to linux fails, but ftp from command line in win2k works

8. Non-blinking block cursor

9. only anon ftp access? 5.2 ftp question

10. FTP - And Shadow - Can't login as anyone except anon via ftp

11. ftp only accounts using anon ftp help please....