FTP to FTPS: brocken?

Question

FTP to FTPS: brocken?

mifritscher opened this issue 2 years ago · 3 comments

I'm using ftp_proxy as reverse proxy - from debian bullseye (proxy being 0.7-1+b1, proftpd itself 1.3.7a+dfsg-12+deb11u2 )

I want to use it to enable ftps on a TLS-less FTP server, just like this:

 client --- FTPS ---> proxy --- FTP ---> server

my config:

LoadModule mod_tls.c
LoadModule mod_proxy.c

# https://htmlpreview.github.io/?https://github.com/Castaglia/proftpd-mod_proxy/blob/master/mod_proxy.html#ProxyReverseServers
ProxyEngine on
ProxyLog /var/log/proftpd/proxy.log
ProxyRole reverse
ProxySourceAddress 10.8.0.1
ProxyReverseServers ftp://10.8.0.2:21
ProxyOptions ShowFeatures
#UseReverseProxyAuth
# ProxyOptions  UseReverseProxyAuth
ProxyTables /var/lib/proftpd/proxy
ProxyDataTransferPolicy PASV

The problem is that instead of handling AUTH TLS/SSL on the proxy, it seems to pass through the AUTH TLS / AUTH SSL commands (verified by tcpdump).

How can I setup mod_proxy that it intercepts the AUTH TLS/SSL commands?

Answer 1 · 2022-11-20T22:18:43.000Z

Can you provide the full ProFTPD configuration that you're using for the proxy setup, so that I can see what might be missing?

Answer 2 · 2022-11-20T23:27:57.000Z

Sorry, it seems that due a failure in the firewal, the wrong FTP server was accessed. After fixing it it works flawlessly :-)

Answer 3 · 2022-11-20T23:33:17.000Z

No worries. I'm glad to hear that it working for you as you need. Cheers!