Re: [SLE] susefirewall2 and ftp

On Fri, 9 Dec 2005 14:24 +0100 (CET) Carlos E. R. wrote:
> The Friday 2005-12-09 at 07:52 +0200, Chadley Wilson wrote:
> > I am not sure I understand your point, so let ask this, what is the
> > difference between active and passive ftp ?
>
> Active ftp needs port 20/tcp (ftp-data) open in the _client_. The
> server, after getting the connection in his port 21, opens an outgoing
> connection to the client in port 20. There are thus two connections,
> one for control, another for data sent.
>
> Passive does not need that port open in the client.

Looks like it's related to the issue I'm dealing with.
Simply using gFTP as an ftp client.
Works well with all ftp servers except for one that needs passive mode
disabled.
(In gFTP: FTP > Options > tab FTP > uncheck 'Passive file transfers')
This only works if the firewall is stopped, although the above suggests
that opening port 20 would be sufficient.

>From the help text that pops up in gFTP:

Passive file transfers: if this is enabled, then the remote FTP
server will open up a port for the data connection. If you are behind
a firewall, you will need to enable this. Generally, it is a good
idea to keep this enabled unless you are connecting to an older FTP
server that doesn't support this. If this is disabled, then gFTP will
open up a port on the client side and the remote server will attempt
to connect to it.

>From the gFTP log, after logging in:

SYST
215 Windows_NT version 5.0
TYPE I
200 Type set to I.
PWD
257 "/" is current directory.
Loading directory listing / from server (LC_TIME=en_GB.UTF-8)
PORT 192,168,2,2,4,7
200 PORT command successful.
LIST -aL
150 Opening BINARY mode data connection for /bin/ls.

A status line says "Receiving file names...." and here it keeps hanging
forever, apparently something is waiting before a closed port.

S.H.

--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx

Relevant Pages

  • Re: Still cant connect to RWW or OWA remotely
    ... it certainly appears to be something about the SBS configuration. ... Meridian.local Ethernet adapter Local Area Connection: ... Windows SMALL BUSINESS SERVER 2003 Windows IP Configuration ... 192.168.254.254) directly to a port on the router and then ...
    (microsoft.public.windows.server.sbs)
  • Re: Still cant connect to RWW or OWA remotely
    ... it certainly appears to be something about the SBS configuration. ... Meridian.local Ethernet adapter Local Area Connection: ... Windows SMALL BUSINESS SERVER 2003 Windows IP Configuration ... 192.168.254.254) directly to a port on the router and then ...
    (microsoft.public.windows.server.sbs)
  • UPDATE Strange FTP problem
    ... 425 Can't build data connection: ... One suggestion is to use passive FTP. ... unless the client instructs the server to use PASV mode. ... As FTP uses dynamic port allocation, ...
    (Tru64-UNIX-Managers)
  • RE: VBscript Error on SBS2k3
    ... DHCP Server turned of SonicWALL with VPN Pass through request for IP to ... the problem should be caused by the 4125 port. ... > | Accessories and Communications and Remote Desktop Connection? ... > | 2.In Internet Explorer on the workstation you are connecting from, ...
    (microsoft.public.windows.server.sbs)
  • Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)
    ... That's the problem tunneling (port forwarding) solves. ... >>can't get past the client firewall. ... > I don't understand why the server would be making the ... server initiates another connection to the client -- in this ...
    (Debian-User)