Re: Two problems

From: Maarten Wiltink (maarten_at_kittensandcats.net)
Date: 01/12/04


Date: Mon, 12 Jan 2004 11:36:34 +0100


"Nicolai Hansen" <nic@aub.dk> wrote in message
news:d96764ff.0401120146.281ac087@posting.google.com...
> > 2. This program also runs in a machine with bpftp server, and I would
> > like my program to be able to tell when a user logs in the ftp server;
> > my idea is to listen to the 21th port and when the server sends the
> > answer to the right log-in the program reads it and inserts an item in
> > a listbox. How can I do this?
>
> Had this been plain telnet or SSH or (almost) anything but FTP it
> would've been easy. You could move the FTP server to port 2000 and
> make a forwarding client program accepting connections on port 21 and
> forwarding these to port 2000 (which is closed to all other PCs).
> Unfortunately FTP is using more than one port and that makes it all
> very difficult. I am not an expert into FTP so I honestly do not know
> how it is doing it; but maybe we got an FTP expert among us somewhere

You rang, m'lord?

FTP uses a command connection and any number of data connections.
Data connections are set up in either passive or active mode; in
one, the server responds to a PASV command with a reply that says
what port it (the server) will be listening on, in the other, the
client sends a PORT command that tells the server where to connect
to.

For additional giggles, this PORT command names not only a port
number but also an IP address and may be on a different interface
or indeed a different server (the details having been acquired, of
course, through a PASV command on the command connection to the
other server).

A session is setup with USER and PASS commands at the very beginning.
The server replies to the first with a 300-class response (positive
intermediate), and to the second with a 200-class (permanent positive)
or 500-class (permanent negative) response.

So the required rewriting is done in the PORT command and PASV's
response, and the USER and PASS commands, and response to the latter,
tell you about login attempts. Further details in RFC 959.

Groetjes,
Maarten Wiltink