IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / General Q&A Forum / ftp problem.
Post #332,895
by Andrew Grygus
Picture of Andrew Grygus
9/21/10 7:32:34 PM
Reply
New ftp problem.
I have a Debian Lenny server with wu-ftp. It is behind a NAT firewall with port forwarding, and the port is 4021, not 21.

FTPIT under OS/2 has no problem at all working with this server.

Every Windows ftp client i've tried (FileZilla, FireFTP (for Firefox), SmartFTP) logs in and shows the tree to the home directory, then fails trying to get a directory listing.

Why is that?
Post #332,903
by scoenye
9/21/10 11:12:21 PM
Reply
New Hardware firewall?
A lot of those things have a nasty habit to silently (and without documentation) reshape FTP connections to their liking with weird breakage as the usual result.

(Netscreen/Juniper used to kill all FTP connections regardless of the client, SonicWall leaves Windows FTP client alone but throttles APT to death.)

The quickest way out of this is to trace an FTP session on both ends of the connection.
Post #332,913
by crazy
9/22/10 9:05:07 AM
Reply
New Try PASV
FTP has 2 settings.

Standard requires a return port opening. 1 for commands, 1 for data. So you already started your outbound command session. Now it need to send data (such as directory listings back), and that involved the server opening up a new conneciton to the client.

In the case of NAT, there is supposed to be a transparent proxy in the firewall that recognizes the return channel open attempt, maps it as needed to the correct session.

But if you are using a non-standard port to start off with, I doubt the proxy recognizes it needs to be invoked.

Try the PASV setting, (ie: "passive"). This tells the server to not try to open a return channel, but to send the data in the current session. It loses a bit of control functionality, but most people (99.9999%) will never need it.
Post #332,917
by Andrew Grygus
Picture of Andrew Grygus
9/22/10 11:28:57 AM
Reply
New Well, all these ftp programs posted . . .
. . "Entering Passive Mode".

It does appear to be a firewall issue, but - how come the old OS/2 FtpIT has no problem at all? Is this just yet another example of the superiority of OS/2 software?**

**Several of my favorite Windows programs are ports from OS/2 - they are just so much cleaner and easier to use than Windows equivalents.
Post #332,919
by boxley
9/22/10 11:48:47 AM
Reply
New binding problem
the wu ftp server side is attempting to reset a high port and the ftp clients cant get there. OS2 probably doesnt use or can determine that highports doesnt work and switches to pasv. Most newer clients dont handle pasv very well unless invoked prior to connect time
Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free American and do not reflect the opinions of any person or company that I have had professional relations with in the past 55 years. meep
Post #333,017
by crazy
9/24/10 7:18:49 AM
Reply
New What he said
Go into the FTP program.
Don't connect.
Go into PASV.
Connect.
Or at least try.
     ftp problem. - (Andrew Grygus) - (5) - Sept. 21, 2010, 07:32:34 PM EDT
         Hardware firewall? - (scoenye) - Sept. 21, 2010, 11:12:21 PM EDT
         Try PASV - (crazy) - (1) - Sept. 22, 2010, 09:05:07 AM EDT
             Well, all these ftp programs posted . . . - (Andrew Grygus) - Sept. 22, 2010, 11:28:57 AM EDT
         binding problem - (boxley) - (1) - Sept. 22, 2010, 11:48:47 AM EDT
             What he said - (crazy) - Sept. 24, 2010, 07:18:49 AM EDT

import lrpdisms
130 ms