ip_masq_ftp does case sensitive comparisons of FTP commands when
snooping the control connection, and may thus miss legitimate PORT/PASV
negotiation. The culprit is the use of safe_mem_eq2 to match on the
commands, it catches them in either all-caps or all-lower-case (PASV,
pasv), but not in mixed case (PaSv) or with trailing whitespace ("PaSv
"), while RFC-959 (FTP) demands case insensitive handling of FTP
commands.
I don't currently have time to fix this myself and submit a patch,
sorry.
--
Matthias Andree
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
