[squid-users] Problem with squid connecting to an FTP server

From: Neil A. Hillard <hillardn@dont-contact.us>
Date: Thu, 06 Oct 2005 11:52:04 +0100

Hi,

One of my users has reported a problem connecting to a specific FTP
server via our proxy (running 2.5stable10).

The problem that's been reported is with an FTP site that uses
authentication so we're using ftp://username:password@ftp.site.com/path/
in the browser.

The error the user is getting is (502 Bad Gateway):

(107) Transport endpoint is not connected

I've performed a packet capture and see the following events:

o Squid connects, logs in and changes to the correct directory.

o Squid issues a PORT command (Active FTP connection).

o FTP server acknowledges with a 200.

o Squid issues LIST command

o FTP server establishes data connection to Squid (three-way handshake
   successful).

o FTP server issues:

   125 Data connection already open; transfer starting.

   response

o Squid returns 502 Bad Gateway error to client within 2ms of the
   previous response.

This would indicate that Squid isn't happy with the 125 response from
the FTP server. The following is the debug output from Squid:

2005/10/06 11:06:23| ftpParseControlReply: s = {125 Data connection
already open; transfer starting.
}
2005/10/06 11:06:23| 125 Data connection already open; transfer starting.
2005/10/06 11:06:23| ftpHandleControlReply: state=9, code=125
2005/10/06 11:06:23| This is ftpReadList
2005/10/06 11:06:23| commSetSelect: FD 95 type 1
2005/10/06 11:06:23| commSetTimeout: FD 83 timeout -1
2005/10/06 11:06:23| commSetTimeout: FD 95 timeout 900
2005/10/06 11:06:23| comm_poll: 1+0 FDs ready
2005/10/06 11:06:23| comm_poll: FD 95 ready for reading
2005/10/06 11:06:23| comm_select: slow FD 95 selected for reading
2005/10/06 11:06:23| ftpDataRead: FD 95, Read -1 bytes
2005/10/06 11:06:23| ftpDataRead: read error: (107) Transport endpoint
is not connected
2005/10/06 11:06:23| fwdFail: ERR_READ_ERROR "Bad Gateway"
         ftp://username:password@ftp.site.com/path/

I've checked through the patches and can't find anything related to this
issue. I saw the one for a 250 response when a 226 is expected but
nothing about a 125.

I can successfully connect to the FTP server from the command line on
the proxy.

Any advice on this issue would be appreciated.

Many thanks in advance,

                                Neil. 

-- 
Neil Hillard                    hillardn@whl.co.uk
Westland Helicopters Ltd.       http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
             views of Westland Helicopters Ltd.
Received on Thu Oct 06 2005 - 04:50:06 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:04 MST