commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Damon Dan (JIRA)" <j...@apache.org>
Subject [jira] Commented: (NET-363) Can't connect to a server behind firewall in passive mode
Date Wed, 09 Mar 2011 17:48:59 GMT

    [ https://issues.apache.org/jira/browse/NET-363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13004682#comment-13004682
] 

Damon Dan commented on NET-363:
-------------------------------

Yes,  I confirm that your changes work.  I tested it on the original situation where the FTP
server is behind a NAT firewall and provides a private address.  I also tested it on another
FTP server that is on the same private address as the FTP Client. I assume your patch has
special code to handle this situation because it works OK.  The only other place that it might
fail would be from one private network to another - different network.  Say, from 192.168.xxx.xxx
to 10.xxx.xxx.xxx.  I can imagine a scenario where it might cause a failure, but it seems
remote.

> Can't connect to a server behind firewall in passive mode
> ---------------------------------------------------------
>
>                 Key: NET-363
>                 URL: https://issues.apache.org/jira/browse/NET-363
>             Project: Commons Net
>          Issue Type: Bug
>          Components: FTP
>    Affects Versions: 2.2
>         Environment: Windows Client with Zos mainframe server behind a firewall.  However
I think any client/server will demonstrate the issue as long as the server is behind a firewall.
>            Reporter: daniel damon
>            Priority: Blocker
>             Fix For: 3.0
>
>
> When the FTP server is behind a firewall, FTPClient can connect, but it cannot transfer
data. This is because the FTP server provides it's own address instead of the firewall address
to make the connection. I have confirmed the problem by hacking a copy of FTPClient to set
the __passiveHost to the appropriate internet address. With this hack, I can transfer data.
> Perhaps the FTP server could be configured differently to fix the issue. Unfortunately,
I do not have access to the server configuration. I do know that the commercial product IpswitchFtp
does deal with the issue as this extract from it's log shows:
> ------------
> PASV
> 227 Entering Passive Mode (192,168,13,11,195,129)
> connecting data channel to 192.168.13.11:195,129(50049)
> Substituting connection address 159.106.121.79 for private address 192.168.13.11 from
PASV
> data channel connected to 159.106.121.79:195,129(50049)
> LIST
> 125 List started OK
> transferred 4157 bytes in 0.078 seconds, 425.688 kbps ( 53.211 kBps), transfer succeeded.
> 250 List completed successfully.
> QUIT
> ----------------------------
> I can take a shot at a fix if you want. I'll set some timeout, and  if that fails, I'll
use the original address

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message