RE: [gftp] Problem with gftp

[Bret Busby <bret@xxxxxxxxx>]

On Wed, 2 Jul 2008, Dan Koester wrote:

> As far as "passive" file transfers goes, that was added to the FTP spec
> as a later addition due to the popularity of firewalls that would block
> incoming connection requests from the server.  FTP uses multiple port
> connections per the protocol.  Passive and Active modes define the ways
> in which those connections are made.  In Active the client opens a port
> and waits for the server to connect to it (impossible through many
> firewalls).  In Passive the server opens a port and waits for the client
> to connect (also impossible if the SERVER is behind a firewall).

Regarding the issue of this "Passive Mode" thing, it has now got 
(slightly) more complicated.

I was advised, in my local Linux User Group mailing list, to use forced 
passive mode ( -p switch) with the command line ftp utility and to see 
what happened. I ran two sessions; one with -pv and one with -v. The 
first session failed, the second session was okay.

So, I emailed the ISP, and said that the problem was apparently in the 
Passive Mode handling at the ISP end, and asked them to get someone 
there to ftp in to their server, with the -p switch, and advise me of 
the results. They had no problem.

Below is from the latest mesage that I posted to my local Linux User 
Group. I am including it here, in the hope that, if the queries cannot 
be answered in my local Linux User Group, they can be answered here, as 
I hope that people on this list are more knowledgeable about FTP and 
gftp.

> > 
> > I did it using the ftp command line utility, with the switches -pv and then with -v, on another of my web sites, with the same ISP hosting the web site,
> > and the results clearly showed that the issue is with the passive mode.
> > 
> > The ISP uses PLESK, and their "PLESK specialist" advised them that passive mode is allowed, and that no such problem should be occurring. The "PLESK
> > specialist suggested that they check their "nat config", to ensure that the problem does not lie there.
> > 
> > I emailed the output of the "ftp -pv" and the "ftp -v" sessions to the ISP, as it appears to me, that the problem lies at their end.
> > 
> > Now, I wait and see...
> > 
> > --
> > Bret Busby
> > Armadale
> > West Australia
> > ..............
> > 
> > 
>
> Okay.
>
> The ISP had no problem.
>
> So, this appears to have got a bit more technical.
>
> In looking at the three sessions below, some differences are notable.
>
> The first session below, is me "ftp'ing" into one of my web sites at the ISP, using the switches -pv (passive mode and verbose mode).
>
> "
> ~$ ftp -pv <domain name>
> Connected to <domain name>.
> 220 ProFTPD 1.3.0 Server (ProFTPD) [203.113.228.30]
> Name <domain name><username>
> 331 Password required for <user name>.
> Password:
> 230 User <user name> logged in.
> Remote system type is UNIX.
> Using binary mode to transfer files.
> ftp> ls
> 227 Entering Passive Mode (203,113,228,30,135,177).
> ftp: connect: Connection refused
> ftp> bye
> 221 Goodbye.
> "
>
> The second session is me "ftp'ing" into the web site, using only verbose mode.
>
> "
> ~$ ftp -v <domain name>
> Connected to <domain name>.
> 220 ProFTPD 1.3.0 Server (ProFTPD) [203.113.228.30]
> Name <domain name> <user name>
> 331 Password required for <user name>.
> Password:
> 230 User <user name> logged in.
> Remote system type is UNIX.
> Using binary mode to transfer files.
> ftp> ls
> 200 PORT command successful
> 150 Opening ASCII mode data connection for file list
> <directory listing>
> 226-Transfer complete.
> 226 Quotas off
> ftp> bye
> 421 No Transfer Timeout (300 seconds): closing control connection.
> "
>
> The third session, is the ISP support person "ftp'ing" into a web site 
there, using passive mode.
> "
> $ ftp -p <domian name>
> Connected to <domain name>.
> 220 ProFTPD 1.3.0 Server (ProFTPD) [203.113.228.30]
> Name <domain name><user name>
> 331 Password required for <user name>.
> Password:
> 230 User <user name> logged in.
> Remote system type is UNIX.
> Using binary mode to transfer files.
> ftp> ls
> 229 Entering Extended Passive Mode (|||37379|)
> 150 Opening ASCII mode data connection for file list
> <directory listing>
> "
>
> The primary difference between the three sessions, from what I see, is the line of response that immediately follows the ls command in each case, as it is
> different, especially the three digit number at the start of the linel, which, I assume, is some kind of message indicator.
>
> For my unsuccessful attempt, I get
> "227 Entering Passive Mode (203,113,228,30,135,177).".
>
> For the ISP support person, the equivalent response is
> "229 Entering Extended Passive Mode (|||37379|)".
>
> Now, the questions are;
>
> firstly, what is the difference between the 227 and the 229 codes, and,
>
> the second question is, what is the difference between the "Passive Mode" and the "Extended Passive Mode", and,
>
> the third question is, what is the significance of the difference between the numbers in the parentheses at the end of my unsuccessful response line, and,
> the number (and the vertical bars) in the parentheses at the end of the ISP's support person's successful response line?
>
> Thanks in anticipation.

Thank you in anticipation for your assistance.

--
Bret Busby
Armadale
West Australia
..............

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
  Chapter 28 of Book 1 of
  "The Hitchhiker's Guide to the Galaxy:
  A Trilogy In Four Parts",
  written by Douglas Adams,
  published by Pan Books, 1992

....................................................