commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebb (JIRA)" <>
Subject [jira] Commented: (NET-363) Can't connect to a server behind firewall in passive mode
Date Sat, 05 Mar 2011 01:24:45 GMT


Sebb commented on NET-363:

In NET-296 I wrote:

bq. But can a local address ever be valid if the original address was not local? I suspect

If this is true, then the code that handles the PASV reply can set __passiveHost accordingly,
and there would be no need to use the try/catch (or cache the result in __useRemoteHost).

> Can't connect to a server behind firewall in passive mode
> ---------------------------------------------------------
>                 Key: NET-363
>                 URL:
>             Project: Commons Net
>          Issue Type: Bug
>          Components: FTP
>    Affects Versions: 2.2
>         Environment: Windows Client with Zos mainframe server behind a firewall.  However
I think any client/server will demonstrate the issue as long as the server is behind a firewall.
>            Reporter: daniel damon
>            Priority: Blocker
> When the FTP server is behind a firewall, FTPClient can connect, but it cannot transfer
data. This is because the FTP server provides it's own address instead of the firewall address
to make the connection. I have confirmed the problem by hacking a copy of FTPClient to set
the __passiveHost to the appropriate internet address. With this hack, I can transfer data.
> Perhaps the FTP server could be configured differently to fix the issue. Unfortunately,
I do not have access to the server configuration. I do know that the commercial product IpswitchFtp
does deal with the issue as this extract from it's log shows:
> ------------
> 227 Entering Passive Mode (192,168,13,11,195,129)
> connecting data channel to,129(50049)
> Substituting connection address for private address from
> data channel connected to,129(50049)
> 125 List started OK
> transferred 4157 bytes in 0.078 seconds, 425.688 kbps ( 53.211 kBps), transfer succeeded.
> 250 List completed successfully.
> ----------------------------
> I can take a shot at a fix if you want. I'll set some timeout, and  if that fails, I'll
use the original address

This message is automatically generated by JIRA.
For more information on JIRA, see:


View raw message