Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

how to properly set-up proxy for ftp?

 [1/6] from: petr:krenzelok:trz:cz at: 19-Jun-2001 16:17


Hi, our admins changed the way our proxy works probably, so I can't get thru ... All I know is I can get thru using following aproach: - I open ugly Windows default ftp - I type in: open proxy.sec.trz.cz - I am asked for name and I have to type: [target-account-name--moon--rebol--cz] - I am asked for: target-account-password - I am connected to account:[password--moon--rebol--cz] How to set-up protocols in Rebol to make it work? If I want to get thru for http protocol, I use 3128 port on proxy.sec.trz.cz Thanks a lot, -pekr-

 [2/6] from: gjones05:mail:orion at: 20-Jun-2001 13:46


Hi, Petr, Again, I am probably amongst the least qualified to really answer these questions, but no one else has taken the bait, so I'll give it a try. From: "Petr Krenzelok"
> what is also strange, I can't "open" remote > ftp connection and do "insert"?
I don't know, but I do know that if you did, many of the returns come back on the sub-port specification, so it wouldn't get you very far.
> How do I manually command ftp port?
Very tough directly through REBOL, because, again, commands are sent over the port specifications, and most info returns on the sub-port. You can also experiment with telnet but you won't get much more than what trace/net is showing you. AR posted an interactive ftp scheme last week, but he said it does not support proxy servers.
> Net-log: {230-moon.moravia-steel.cz FTP server (Version wu-2.6.0(1) Fri Jun 23 > 09:17:44 EDT 2000) ready.} > Net-log: {230 User can logged in. Access restrictions apply.}
I could easily be wrong, but this line suggests to me that you are only now at the point of being ready to log on to the correct ftp server. The proxy port on dumped you into that account, but didn't pass on the user:pass stuff. Just a guess.
> Net-log: [ > "PASV" "227"] > Net-log: "227 Entering Passive Mode (194,196,81,131,6,255)"
This sequence shows that the the ftp server itself can accept passive mode. The 6 and 255 at the end of the 6 numeral tuple are the suggested sub-port (6 x 256 + 255). This number may change each time. When your network admin said that ftp also uses port 20, that is the port used by the active mode. In this mode the server attempts to hook up to the client; note that in this case the client *is* the server. This method is potentially not secure, so many configure firewalls/proxies to only accept passive mode, in which the server suggests another port, to which the client may connect as a client only.
> Uh, I need a break probably :-)
Yes, this is probably the case. It can be sooooo frustrating trying to get some thing to work. Here is what I think may be going on. I apologize in advance if I overlooked this information earlier in the thread. I think what you need to do is set up REBOL to work through a proxy (set-net stuff). This may be the same port used for http, but I do not know. Check the following to be sure that REBOL/Core is set-up correctly: http://www.rebol.com/docs/core23/rebolcore-3.html#pgfId-297391 You may need to specifically specify passive mode, as explained here: http://www.rebol.com/docs/core23/rebolcore-13.html#pgfId-956772 Then I believe you will be able to directly use the following: ftp://can:[pass-here--moon--rebol--cz]/ The proxy should then know to forward you to the correct ftp server, where your user:pass will log you in. I hope I am not misleading you. Good luck (timewise it looks like you'll have to wait until tomorrow;). --Scott Jones

 [3/6] from: gjones05:mail:orion at: 20-Jun-2001 6:14


Hi, Petr, Again, my usual disclaimers that I am not the ideal person to be answering these questions. With that said, here it goes anyway:) From: "Petr Krenzelok"
> I still can't to sort it out. I contacted our admin and he told me, that we > use typical port 21 for ftp connection, but separate port 20 for data > connection, uh, is that normal case?
If I recall correctly, the active connection mode uses port 20 for the second port (or the sub-port in REBOL).
> I connected to required host using Rebol and followind aproach: > my-ftp: open/lines [scheme: 'tcp host: "proxy.sec.trz.cz" port-id: 21]
<<quoted lines omitted: 9>>
> Can I escape "@" in my direct > ftp://[can--moon--rebol--cz]:[my-pass-here--proxy--sec--trz--cz] somehow?
It looks like you may have uncovered another buglet. I thought that the URL parser picked out the "@"s in either the USER or PASS part, but experimentation readily confirmed what you found. Escaping with a %40 did not help. On further inspection, the parser uses the following bitset as valid characters for the USER part. I have previously asked if there is a way to get characters back from a bitset, but there was no response. Most of the following is my explanation of what and why I did, in case you were interested. Otherwise, skip to "Summary" and give the result a try. The following is the bitset for the USER part:
>> net-utils/url-parser/user-char
== make bitset! #{ 00000000F87CFF2BFEFFFF87FEFFFF1700000000000000000000000000000000 } This is the bitset for "@":
>> make bitset! #"@"
== make bitset! #{ 000000000000000001000000000000000000000000000000000000000000000 } So I performed a union of the two and got:
>> union net-utils/url-parser/user-char make bitset! #"@"
== make bitset! #{ 00000000F87CFF2BFFFFFF87FEFFFF1700000000000000000000000000000000 } which shows that a bit is flipped (E to F). Then I reset the user-char bitset to the following:
>> net-utils/url-parser/user-char: union net-utils/url-parser/user-char make
bitset! #"@" == make bitset! #{ 00000000F87CFF2BFFFFFF87FEFFFF1700000000000000000000000000000000 } With this change, url-parse seems to correctly parse an "@" in USER name. IT is possible that that the FTP specification does not allow an "@" in the USER part, or perhaps RT did not anticipate this possibility. :) End of win-bag explanation ... Petr, wake up, hey Petr... ;-) *****Summary******: Try this line before your normal ftp usage: net-utils/url-parser/user-char: union net-utils/url-parser/user-char make bitset! #"@" If this works, perhaps we should submit a possible bug alert to RT. Best wishes, --Scott Jones

 [4/6] from: petr:krenzelok:trz:cz at: 20-Jun-2001 13:48


GS Jones wrote:
> Hi, Petr, > Again, my usual disclaimers that I am not the ideal person to be answering these
<<quoted lines omitted: 62>>
> net-utils/url-parser/user-char: union net-utils/url-parser/user-char make > bitset! #"@"
hey, it works :-)
> If this works, perhaps we should submit a possible bug alert to RT.
but I am not sure it is a bug. After all - I want to connect to 'moon.rebol.cz, account 'can, not to 'proxy.sec.trz.cz, so I want to do: print read ftp://can:[pass-here--moon--rebol--cz] ... the issue is, I was not able to find any acceptable solution using ftp/proxy object, which is used when you try to open port. Maybe there is not solved my scenario in ftp scheme? I looked at the source and saw where it hangs ... either all [ port/proxy/host bp: not in-bypass port/host port/proxy/bypass find [socks4 socks5 socks] port/proxy/type ] [ port/sub-port: net-utils/connect-proxy/sub-protocol port 'connect subproto ] [ sub-port: system/words/open/lines compose [ scheme: (to-lit-word subproto) host: either all [port/proxy/type = 'generic generic bp] [port/proxy/host] [port/proxy/host: none port/host] user: port/user pass: port/pass port-id: either all [port/proxy/type = 'generic generic bp] [port/proxy/port-id] [port/port-id] ] port/sub-port: sub-port as you can see - the big difference is if you use 'generic proxy or not. I don't understand, where does 'generic word comes from, but it is set to 'none (I mean the part of code in 'all condition block ... ) So, how to set-up proxy properly, to allow it work in a default way? -pekr-

 [5/6] from: petr:krenzelok:trz:cz at: 20-Jun-2001 14:24


Hi once again :-) what is also strange, I can't "open" remote ftp connection and do "insert"? How do I manually command ftp port? ->> ble: open/lines ftp://[can--moon--rebol--cz]:[my-pass-here--proxy--sec--trz--cz] URL Parse: [can--moon--rebol--cz] my-pass-here proxy.sec.trz.cz none none none Net-log: ["Opening" "tcp" "for" "FTP"] connecting to: proxy.sec.trz.cz tcp proxy.sec.trz.cz [can--moon--rebol--cz] 21 Net-log: [ none ["220" "230"]] Net-log: {220 Netfinity FTP Proxy Server/Gateway ready / problemy pisemne k [root--trz--cz] /} Net-log: [ ["USER" port/user] "331"] Net-log: "331 Password required for can." Net-log: [ ["PASS" port/pass] "230"] Net-log: "230-welcome to the lucky pit" Net-log: "230-" Net-log: "230-" Net-log: {230-moon.moravia-steel.cz FTP server (Version wu-2.6.0(1) Fri Jun 23 09:17:44 EDT 2000) ready.} Net-log: {230 User can logged in. Access restrictions apply.} Net-log: [ "SYST" "*"] Net-log: "215 UNIX Type: L8" Net-log: [ "PASV" "227"] Net-log: "227 Entering Passive Mode (194,196,81,131,6,255)" Net-log: [ ["CWD" either empty? port/path ["./"] [join "./" port/path]] "250"] Net-log: "250 CWD command successful." Net-log: [ ["TYPE A"] ["200"]] Net-log: "200 Type set to A." Net-log: [ ["LIST"] ["150" "125"]] Net-log: {150 Opening ASCII mode data connection for directory listing.} Net-log: [ none "226"] Net-log: "226 Transfer complete." ->> huh: insert ble "LIST" ** Script Error: Cannot use insert on this type port ** Near: huh: insert ble "LIST" Uh, I need a break probably :-) -pekr-

 [6/6] from: petr:krenzelok:trz:cz at: 20-Jun-2001 11:17


Hi, I still can't to sort it out. I contacted our admin and he told me, that we use typical port 21 for ftp connection, but separate port 20 for data connection, uh, is that normal case? I connected to required host using Rebol and followind aproach: my-ftp: open/lines [scheme: 'tcp host: "proxy.sec.trz.cz" port-id: 21] insert my-ftp "USER [can--moon--rebol--cz]" ; account and host I want to connect to ... insert my-ftp "PASS my-password-here" then I am finally logged to 'can account on 'moon.rebol.cz server ... But how to get thru using ftp scheme? I echoed my ftp scheme and found out, that it can't open sub-port ... PS: aha! :-) Is it kind of forwarding or what? Following works: ble: read [scheme: 'ftp host: "proxy.sec.trz.cz" user: "[can--moon--rebol--cz]" pass: "my-pass-here"] Can I escape "@" in my direct ftp://[can--moon--rebol--cz]:[my-pass-here--proxy--sec--trz--cz] somehow? Thanks, -pekr- Petr Krenzelok wrote:

Notes
  • Quoted lines have been omitted from some messages.
    View the message alone to see the lines that have been omitted