>>>>> "DS" == Daniel Stenberg <daniel_at_haxx.se> writes:

    DS> On Mon, 12 Feb 2007, Jochen Hayek wrote:

>> "NAT + socks + FTP active mode" works for the ftp cmd line utility,
>> so it should work for curl as well.

    DS> Right, so why doesn't it? What's the difference?

Alright, I am going to try to show the difference.

short version:

    the socksified ftp cmd line *does* a "socks-bind",
    and that event gets logged by the socks-server.

    "curl --socks5" does *not* do any "socks-bind",
    at least none gets logged by the socks-server.

long version following below.

J.

####################################################################################################

this thing here does its job properly;
it does a "socks-bind" and the socks server logs it,
and also a "socks-bindreply" gets logged by the socks server:

    [2007-02-12 23:09:37] johayek_at_HayekJ $ socksify ftp -A -n ftp.this_domain.com
    ftp> user this_user this_password
    ---> USER this_user
    331 Password required for this_user.
    ---> PASS XXXX
    230 User this_user logged in.
    ---> SYST
    215 UNIX Type: L8
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ---> FEAT
    211-Features:
     MDTM
     REST STREAM
     SIZE
    211 End
    features[0] = 1
    features[1] = 1
    features[2] = 0
    features[3] = 1
    features[4] = 1
    features[5] = 0
    ftp> epsv4
    EPSV/EPRT on IPv4 off.

    ================================================================================

    ftp> dir
    ftp: setsockopt (ignored): Permission denied
    ---> PORT 10,0,4,117,183,244

"PORT 10,0,4,117,183,244" ---> 183*256+244 = (+ (* 183 256) 244) = 47092 // the remote FTP server's port

socks server log:

  Feb 12 23:10:30 HayekH sockd[4550]: pass(1): tcp/bind [: 10.0.4.119.56451 -> 151.208.116.130.47092
  Feb 12 23:10:30 HayekH sockd[4550]: pass(2): tcp/bindreply [: 151.208.116.130.20 -> 10.0.4.119.56451

end of socks server log.

    200 PORT command successful

    ================================================================================

    ---> LIST
    150 Opening ASCII mode data connection for file list
    -rw-rw-rw- 1 8134 5405 38709 Dec 13 23:27 GILB_Constits_061213.csv
    [...]
    226 Transfer complete.

####################################################################################################

this thing here does not achieve its jobs;
*no* "socks-bind" gets logged by the socks server,
*no* "socks-bindreply" gets logged by the socks server,
so let's assume nothing like that happens at all:

on purpose we apply "--ftp-port 10.0.4.117", i.e. the socks server's internal address, not our own internal address.

    [2007-02-12 23:33:17] johayek@HayekJ $ /usr/local/src/tmp/curl-7.16.1-20070208/src/curl --verbose --ftp-port 10.0.4.117 --disable-eprt --socks5 10.0.4.117:1080 --list-only ftp://this_user:this_password@ftp.this_domain.com
    * About to connect() to proxy 10.0.4.117 port 1080 (#0)
    * Trying 10.0.4.117... connected
    * Connected to 10.0.4.117 (10.0.4.117) port 1080 (#0)
    < 220 ... FTP server
> USER this_user
    < 331 Password required for this_user.
> PASS this_password
    < 230 User this_user logged in.
> PWD
    < 257 "/" is current directory.
    * Entry path is '/'

    ================================================================================

neither before nor during this block any "socks-bind" gets executed:

> PORT 10,0,4,117,198,36
    < 200 PORT command successful
    * Connect data stream actively
> TYPE A
    < 200 Type set to A
> NLST
    < 425 Unable to build data connection: Connection refused

    ================================================================================

    * RETR response: 425
    * Connection #0 to host ftp.this_domain.com left intact
    curl: (19) RETR response: 425
> QUIT
    < 221 Goodbye.
    * Closing connection #0
Received on 2007-02-13