> I will not explain the benefit of dropping packets silently. This is
> something we will not change, even if it is only for ident protocol.
> The problem deals with public ftp servers, like university or other
> research/company and we can't reconfigure them. If we keep in mind that our
> firewal
well, sometimes you can't configure everything on your network, and your
connectivity depends from other.
I know my context was very specific, but I was thinking that other people
have already seen this issue.
Thanks for your responses,
On Tue, Jan 12, 2010 at 11:38 AM, Henning Brauer
wrote:
* Tiery DENYS [2010-01-12 09:47]:
> > A higher value is stupid, because you then end up waiting forever
> > for connections to these anyway.. Are you gonna sit there for
> > 45 seconds before you connect? no, of course not, you're gonna thing
> > it's screwed.
> Yes I prefer waiting here instead o
On Tue, Jan 12, 2010 at 10:01 AM, Paul de Weerd wrote:
> On Tue, Jan 12, 2010 at 09:38:32AM +0100, Tiery DENYS wrote:
> | On Mon, Jan 11, 2010 at 2:08 PM, Bob Beck wrote:
> | Yes I prefer waiting here instead of sending any response on ident port.
> | (silent fw)
>
> How can you claim 'silent fw
On Tue, Jan 12, 2010 at 09:38:32AM +0100, Tiery DENYS wrote:
| On Mon, Jan 11, 2010 at 2:08 PM, Bob Beck wrote:
| Yes I prefer waiting here instead of sending any response on ident port.
| (silent fw)
How can you claim 'silent fw' if it was the source of an ftp
connection ?
| I will not explain
On Mon, Jan 11, 2010 at 2:08 PM, Bob Beck wrote:
> > ex:
> > - There are some public ftp servers missconfigurated who use ident
> protocol
> > and wait 30 seconds on ident port before sending banner.
> > With the default connect_timeout value, it is not possible to connect to
> > theses servers w
> ex:
> - There are some public ftp servers missconfigurated who use ident protocol
> and wait 30 seconds on ident port before sending banner.
> With the default connect_timeout value, it is not possible to connect to
> theses servers with fw filtering ident port. With a higher value, it will
> suc
Does somebody know who currently work on ftp-proxy ?
On Thu, Jan 7, 2010 at 3:02 PM, Tiery DENYS wrote:
> Hi,
>
> I would like to propose a patch for ftp-proxy. This patch implement an
> option concerning specific timeout (connect_timeout).
> It add an option for setting connect_timeout varia
Hi,
I would like to propose a patch for ftp-proxy. This patch implement an
option concerning specific timeout (connect_timeout).
It add an option for setting connect_timeout variable while starting
ftp-proxy (this variable is currently set to 30 in code). Setting this
variable to another value c
