Francois Piette wrote: >>> But I wonder if it was not better to trigger just an event >>> before PasvIpAddr will be used that would allow the component >>> user to do his individual checks, what do you think is better? > > Maybe both ? > Compute a PasvIpAddr and pass it as var parameter to an event which > can then change it at will.
OK, one another question: Is it possible to get the netmask of current IP without using IpHlpApi? I found a sample that calls WSAIoctl with SIO_GET_INTERFACE_LIST but that requires some structures i.e. INTERFACE_INFO or sockaddr_gen not being defined in both Winsock.pas as well as WSocket.pas. I need the network mask to check whether a peer address is in the same subnet, would be nice to have it in WSocket.pas as another utility function. Is IpHlpApi working on Win9x winsock2? --- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html > > Contribute to the SSL Effort. Visit > http://www.overbyte.be/eng/ssl.html -- > [EMAIL PROTECTED] > Author of ICS (Internet Component Suite, freeware) > Author of MidWare (Multi-tier framework, freeware) > http://www.overbyte.be > > > ----- Original Message ----- > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" <twsocket@elists.org> > Sent: Wednesday, October 25, 2006 2:10 PM > Subject: Re: [twsocket] FTP server, problem with property PasvIpAddr > > >> I need to check for the same subnet instead of >> private IPs, sometimes I'm too slow :) >> >> Arno Garrels wrote: >>> Arno Garrels wrote: >>>> Or modify the FTP server component in a way that >>>> PasvIpAddr can be set privately for a particular client >>>> depending on it's source IP (just an idea?). >>> >>> I need such an option as well. So I just changed the code >>> as mentioned above. New option ftpsNoPasvIpAddrInLan and >>> a function that checks whether the peer address is in a >>> private network or not. >>> But I wonder if it was not better to trigger just an event >>> before PasvIpAddr will be used that would allow the component >>> user to do his individual checks, what do you think is better? >>> >>> Currently I get the raw peer address in >>> >>> procedure TFtpCtrlSocket.Dup(newHSocket : TSocket); >>> var >>> Len : Integer; >>> begin >>> inherited Dup(newHSocket); >>> {$IFDEF CLR} >>> if DesignMode then begin >>> FPeerAddr := ''; >>> Exit; >>> end; >>> {$ENDIF} >>> //FPeerAddr := inherited GetPeerAddr; >>> Len := SizeOf(TSockAddr); >>> if WSocket_GetPeerName(newHSocket, FPeerSAddr, Len) = 0 then >>> FPeerAddr := WSocket_inet_ntoa(FPeerSAddr.sin_addr) >>> else begin >>> SocketError('GetPeerName'); >>> Exit; >>> end; >>> end; >>> >>> PeerSAddr is a new property, we need to get it just once. >>> >>> >>> function IsIpPrivate(saddr : TSockAddrIn): Boolean; >>> begin >>> Result := (Byte(saddr.sin_addr.S_un_b.s_b1) = 10) or // >>> private class A (saddr.sin_addr.S_un_w.s_w1 = >>> 4268) or // private class B >>> (saddr.sin_addr.S_un_w.s_w1 = 43200); // private class C end; >>> >>> >>> {* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * >>> * * * * *} procedure TFtpServer.CommandPASV( >>> ... >>> else begin >>> if (FPasvIpAddr = '') or >>> ((ftpsNoPasvIpAddrInLan in FOptions) and >>> IsIpPrivate(Client.PeerSAddr)) then >>> Answer := Format(msgPasvRemote, >>> [ord(IPAddr.S_un_b.s_b1), >>> ord(IPAddr.S_un_b.s_b2), >>> ord(IPAddr.S_un_b.s_b3), >>> ord(IPAddr.S_un_b.s_b4), >>> HiByte(DataPort), >>> LoByte(DataPort)]) >>> else begin >>> ... >>> >>>> >>>> --- >>>> Arno Garrels [TeamICS] >>>> http://www.overbyte.be/eng/overbyte/teamics.html >>>> >>>> >>>> Arnold FLUTEAUX wrote: >>>>> Ok, I understand that port 21 is an exception and the router >>>>> replaces automatically the private IP by the public IP. It's not >>>>> the case for others >>>>> ports. OK. >>>>> >>>>> And for these others cases, we must use PASVIPAdress in which, we >>>>> set public >>>>> IP. >>>>> >>>>> So now, suppose that I've a server behind a router with IP public >>>>> is 194.206.244.150 for example and IP private would be 192.2.1.3. >>>>> I set PASVIPAdress with 194.206.244.150 on port 1985 and I >>>>> connect it on from >>>>> outside lan. So it's OK. >>>>> >>>>> And now, if I want to connect it from inside LAN. So I connect it >>>>> with 192.2.1.3, always in passiv mode on 1985 port. But in this >>>>> case, it's not >>>>> good because the server response to PASV command the IP public >>>>> 194.206.244.150 and the client can't connect from inside to >>>>> 194.206.244.150. >>>>> >>>>> What can I do for this case ? >>>>> >>>>> Sorry it's difficult to explain that in English; I'm French ! >>>>> >>>>> >>>>> >>>>> Arnold >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
