LQ Newbie
Registered: Jun 2015
Posts: 1
Rep:
|
FTP Client/Server using old Data connection - is it right ?
Hi All,
If any one have any RFC reference related to following behavior of FTP client please do share.
We are starting an FTP session from a Linux m/c to BSD m/c via router. After some amount of data transfer, pressing CTRL + C and followed by bye to close the FTP connection. So FTP control session gets closed, but still I see ftp data connection remains open. So in router o/p is some thing like below;
Service Set: tdf-service-set, Session: 167772161, ALG: none, Flags: 0x0080, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:53686 -> 110.110.120.121:53936 Forward I 9
TCP 110.110.120.121:53936 -> 11.11.11.11:53686 Forward O 0
Again we are starting the FTP from the same client towards the same server. Please note I m downloading the same file.
mams-3/2/0 (ams1)
Service Set: tdf-service-set, Session: 268435458, ALG: none, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:44158 -> 110.110.120.121:61434 Forward I 102
TCP 110.110.120.121:61434 -> 11.11.11.11:44158 Forward O 285
Service Set: tdf-service-set, Session: 201326596, ALG: none, Flags: 0x0000, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:35044 -> 110.110.120.121:21 Forward I 29
TCP 110.110.120.121:21 -> 11.11.11.11:35044 Forward O 20
Service Set: tdf-service-set, Session: 167772161, ALG: none, Flags: 0x0080, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:53686 -> 110.110.120.121:53936 Forward I 9
TCP 110.110.120.121:53936 -> 11.11.11.11:53686 Forward O 0
Now did a rule/policy change (you can consider putting a firewall filter to block ftp data port). We observed that client is trying to push data over the old data connection:-
mams-3/2/0 (ams1)
Service Set: tdf-service-set, Session: 268435458, ALG: none, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:44158 -> 110.110.120.121:61434 Forward I 151
TCP 110.110.120.121:61434 -> 11.11.11.11:44158 Forward O 440
Service Set: tdf-service-set, Session: 201326596, ALG: none, Flags: 0x0000, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:35044 -> 110.110.120.121:21 Forward I 30
TCP 110.110.120.121:21 -> 11.11.11.11:35044 Forward O 21
Service Set: tdf-service-set, Session: 167772161, ALG: none, Flags: 0x0080, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:53686 -> 110.110.120.121:53936 Forward I 9
TCP 110.110.120.121:53936 -> 11.11.11.11:53686 Forward O 0
---(refreshed at 2015-06-04 04:18:59 PDT)---
mams-3/2/0 (ams1)
Service Set: tdf-service-set, Session: 268435458, ALG: none, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:44158 -> 110.110.120.121:61434 Forward I 151
TCP 110.110.120.121:61434 -> 11.11.11.11:44158 Forward O 441
Service Set: tdf-service-set, Session: 201326596, ALG: none, Flags: 0x0000, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:35044 -> 110.110.120.121:21 Forward I 30
TCP 110.110.120.121:21 -> 11.11.11.11:35044 Forward O 21
Service Set: tdf-service-set, Session: 167772161, ALG: none, Flags: 0x00C0, IP Action: no, Offload: no, Asymmetric: no
TCP 11.11.11.11:53686 -> 110.110.120.121:53936 Forward I 10 <<<<<<<<<<<<<< It is increased from 9 to 10
TCP 110.110.120.121:53936 -> 11.11.11.11:53686 Forward O 1 <<<<<<<<<<<<<< It is increased from 0 to 1
---(refreshed at 2015-06-04 04:19:04 PDT)—
NOTE:
FTP server (Version 6.00LS)
|