Reply

FTP masquerade bug

gatsu
Follower

FTP masquerade bug

As of the latest firmware for readynas 6.10.6 the "Use Masquerade Address" option from frontview isn't properly implemented. Right now when you enable that option and add a domain it adds a single line inside of the proftp main configuration with the address specified. 

 

In the case of using a domain this breaks any passive connections that don't use this domain. For example. if you used test.com and while on the local network tried to connect to the FTP server via the local address 192.168.1.10 for example the connection would fail because proftp would report the ip address of test.com to communicate on. 

 

This problem can be easily solved by adding these lines to the configuration instead of declaring MasqueradeAddress in the main section:

<IfModule mod_ifsession.c>
  <Class internal>
    From 192.168.0.0/16
    From 10.0.0.0/8
    From 172.16.0.0/12
  </Class>

  <IfClass !internal>
    MasqueradeAddress test.com
  </IfClass>
</IfModule>

 

 

 

 

The CIDR and addresses used here would encompass the all of the private addresses specified in RFC 1918. The would solve many problems and fit almost all use cases. for all other special cases users could use the override file to add their modificaitons.

 

Until netgear fixes this issue simply paste the above code block into the /etc/frontview/proftpd/proftpd.conf.overrides file of your readynas.

 

Message 1 of 1
Top Contributors
Discussion stats
  • 0 replies
  • 468 views
  • 0 kudos
  • 1 in conversation
Announcements