Passive=>1

I've covered this previously for a couple of others experiencing the same problem - When connecting to a FTP server, two socket streams are used for communications - The first is the control connection initiated by your FTP client between which the FTP client and server exchange commands and replies (TCP socket 21). The second is a full-duplex connection over which data is transferred in a specified mode and type. The data transferred may be part of a file, an entire file or a listing of files within a directory. Typically, this data port is the port adjacent to the control port (TCP socket 20). In general, it is the FTP server's responsibility to initiate and maintain the data connection.

According to the output supplied, it appears that the poster of this question is attempting to connect to the FTP from a machine with a private class address - This host address, along with the preferred socket for data communications, are sent to the server via the PORT command. I would suspect that the poster is connecting to the FTP server host through a network firewall or layer of address translation and as such, the data connection from the server to your machine is failing because the FTP server is unable to reach your private machine.

The means by which to fix this is to switch to passive FTP transfer mode via the PASV command - This command changes the default behaviour of data port negotiation, shifting the onus for responsibility for data port establishment and maintenance back to the client. This allows the client to control its only data connection through the network firewall or translation layer, allowing normal FTP communications to occur. eg.

use Net::FTP;

#   Passive mode can be set with object initiation
my $ftp = Net::FTP->new( $hostname, Debug => 1, Passive => 1 ) or die 
+$!;
$ftp->login( $user, $password );

#   Or with $object->pasv;
$ftp->pasv;
[download]

Further information on this topic can be found in RFC documents File Transfer Protocol, Requirements for Internet hosts - communication layers and Firewall-Friendly FTP.

 

What confuses me is that setting Passive and using pasv() result in different commands beeing sent.
When using pasv(), the PORT command is still beeing sent:

debug using Passive=>1:

Net::FTP=GLOB(0x829328c)<<< 230 Logged in anonymously.
Net::FTP=GLOB(0x829328c)>>> CWD /z2/privacy/crypto/etext^M
Net::FTP=GLOB(0x829328c)<<< 250 "/z2/privacy/crypto/etext" is new cwd.
Net::FTP=GLOB(0x829328c)>>> PASV^M
Net::FTP=GLOB(0x829328c)<<< 227 Entering Passive Mode (192,35,244,50,2
+32,18)
Net::FTP=GLOB(0x829328c)>>> RETR ug.ps.gz^M
Net::FTP=GLOB(0x829328c)<<< 150 Data connection accepted from 62.116.6
+2.82:44135; transfer starting for ug.ps.gz (73235 bytes).
Net::FTP=GLOB(0x829328c)<<< 226 Transfer completed.
[download]


Debug using pasv():

Net::FTP=GLOB(0x8293280)<<< 230 Logged in anonymously.
Net::FTP=GLOB(0x8293280)>>> PASV^M
Net::FTP=GLOB(0x8293280)<<< 227 Entering Passive Mode (192,35,244,50,2
+32,0)
Net::FTP=GLOB(0x8293280)>>> CWD /z2/privacy/crypto/etext^M
Net::FTP=GLOB(0x8293280)<<< 250 "/z2/privacy/crypto/etext" is new cwd.
[download]

Net::FTP=GLOB(0x8293280)>>> PORT 62,116,62,82,172,96^M
Net::FTP=GLOB(0x8293280)<<< 200 PORT command successful.
[download]

Net::FTP=GLOB(0x8293280)>>> RETR ug.ps.gz^M
Net::FTP=GLOB(0x8293280)<<< 150 Opening ASCII mode data connection for
+ ug.ps.gz (73235 bytes).
Net::FTP=GLOB(0x8293280)<<< 226 Transfer completed.
[download]


---- amphiplex

Edit by tye to change PRE tags to CODE tags

Amphiplex, respect. I will ++ this tomorrow and yes :

$ftp = Net::FTP->new($destination, Debug => 1, Passive =>1) || die "Co
+uldn't connect! $!\n";
[download]

does indeed fix the problem under Linux.

Bukowski - aka Dan (dcs@black.hole-in-the.net)
"Coffee for the mind, Pizza for the body, Sushi for the soul" -Userfriendly

Net::FTP=GLOB(0x82456bc)>>> PORT 192,168,1,125,172,80
[download]

I think the error is here, you can't use a private address for the PORT command...

Ciao, Valerio

You chopped off the top of the dubug output, what version of Net::FTP do you have installed ?

As someone else noticed you have a private IP, is the server on the other side of a firewall ?

If yes, you must use passive mode, as the remote server will not be able to connect back to you. But that is a different problem.