PerlMonks  

FTP Connections and Firewalls

by ikegami (Pope)
on Oct 14, 2004 at 15:37 UTC ( #399234=note )


in reply to Re^2: problem with put function
in thread problem with put function

Sure thing.

Say SERVER is 1.2.3.4.
Say SERVER runs an FTP server on port 21.
Say CLIENT is 5.6.7.8.

In active (PORT) mode, the dialog for a file transfer looks something like this:

+--------+                                            +--------+
| CLIENT |                                            | SERVER |
|        |Makes connection to 1.2.3.4, port 21.       |        |
|        |>------------------------------------------>|        |
|        |This is the control connection.             |        |
|        |                                            |        |
|        |Starts listening on a random port.[*]       |        |
|        |                                            |        |
|        |Sends "PORT 5,6,7,8,45,35"                  |        |
|        |>------------------------------------------>|        |
|        |over the control connection.                |        |
|        |                                            |        |
|        |    Makes connection to 5.6.7.8, port 11555.|        |
|        |<==========================================<|        |
|        |                This is the data connection.|        |
|        |                                            |        |
|        |Sends retrieve command ("RETR filename")    |        |
|        |>------------------------------------------>|        |
|        |over the control connection.                |        |
|        |                                            |        |
|        |                       Sends file "filename"|        |
|        |<==========================================<|        |
|        |                   over the data connection.|        |
|        |                                            |        |
+--------+                                            +--------+
[*] The arguments to PORT are the bytes of the IP address (in decimal) and the bytes of the port to which the server should connect (in decimal), each byte separated by a comma. The port is randomly assigned to allow multiple connections between the two machines. I used port 11555 in the example, where 11555 = 0x2D23, 0x2D = 45, and 0x23 = 35.

Firewalls which are not specifically aware of FTP don't know that the incoming (data) connection shouldn't be blocked, and NAT routers which are not specifically aware of FTP don't know to which machine to forward the incoming (data) connection.

In passive (PASV) mode, the dialog for a file transfer looks something like this:

+--------+                                            +--------+
| CLIENT |                                            | SERVER |
|        |Makes connection to 1.2.3.4, port 21.       |        |
|        |>------------------------------------------>|        |
|        |This is the control connection.             |        |
|        |                                            |        |
|        |Sends "PASV"                                |        |
|        |>------------------------------------------>|        |
|        |over the control connection.                |        |
|        |                                            |        |
|        |       Starts listening on a random port.[*]|        |
|        |                                            |        |
|        |    Sends a response with the port num 11555|        |
|        |<------------------------------------------<|        |
|        |                over the control connection.|        |
|        |                                            |        |
|        |    Makes connection to 1.2.3.4, port 11555.|        |
|        |>==========================================>|        |
|        |                This is the data connection.|        |
|        |                                            |        |
|        |Sends retrieve command ("RETR filename")    |        |
|        |>------------------------------------------>|        |
|        |over the control connection.                |        |
|        |                                            |        |
|        |                       Sends file "filename"|        |
|        |<==========================================<|        |
|        |                   over the data connection.|        |
|        |                                            |        |
+--------+                                            +--------+

In this scenario, the client doesn't need to accept any incoming connection. Many FTP clients now default to passive mode due to the popularity of NAT for home machines.

Notes

FTP's multiple connections have been very troublesome to people configuring firewalls and require firewalls to be aware of FTP specifically (while they don't need to know anything about HTTP, for example). If you have trouble getting a directory listing from an FTP server after supplying your user name and your password, it's probably because of firewall/NAT issues, since directory listings are treated like a file transfer. Try switching between active and passive mode.
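
What an FTP-aware firewall or NAT router has to work out from the control connection, as an added example that is not part of the original post: which side will open the data connection and to which address and port. The function names and the sample lines are constructed for illustration, and the "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" reply format is taken from RFC 959 rather than from the post.

```python
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2
_HOSTPORT = re.compile(r"(?<!\d)" + r",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def decode_hostport(text):
    """Return (ip, port) from a PORT argument or a 227 reply."""
    m = _HOSTPORT.search(text)
    if m is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % text)
    b = [int(n) for n in m.groups()]
    if any(n > 255 for n in b):
        raise ValueError("byte out of range in %r" % text)
    # port = high byte * 256 + low byte, e.g. 45 * 256 + 35 = 11555
    return ".".join(str(n) for n in b[:4]), b[4] * 256 + b[5]

def encode_hostport(ip, port):
    """Inverse of decode_hostport: build the PORT argument."""
    return ",".join(ip.split(".") + [str(port >> 8), str(port & 0xFF)])

def expected_data_connection(src, dst, line):
    """Given one control-channel line sent from src to dst, return
    (initiator_ip, listener_ip, listener_port) for the data connection
    it announces, or None if it announces none."""
    verb = line[:4].upper()
    if verb == "PORT":   # active: the server (dst) connects to the client
        return (dst,) + decode_hostport(line[4:])
    if verb == "227 ":   # passive: the client (dst) connects to the server
        return (dst,) + decode_hostport(line[4:])
    return None

# Constructed control-channel lines (sender, receiver, text) using the
# addresses from the post.
SAMPLE = [
    ("5.6.7.8", "1.2.3.4", "PORT 5,6,7,8,45,35"),
    ("1.2.3.4", "5.6.7.8", "227 Entering Passive Mode (1,2,3,4,45,35)"),
    ("5.6.7.8", "1.2.3.4", "RETR filename"),
]

if __name__ == "__main__":
    for src, dst, line in SAMPLE:
        print(line, "->", expected_data_connection(src, dst, line))
```

A firewall that never inspects these lines sees only an unrelated connection to or from port 11555, which is why the data connection gets blocked or cannot be forwarded.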

