LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-03-2009, 02:11 AM   #1
MQMan
Member
 
Registered: Jan 2004
Location: Los Angeles
Distribution: Slack64 14.1
Posts: 576

Rep: Reputation: 38
PASV. No response when issued remotely


OK, I'm running vsftpd, and having problems setting up PASV mode correctly. So, I went back to "basics", and tried to connect to the ftp server via telnet.

Now here's the strange thing. When I enter the PASV command on my local lan, I get a response, but trying remotely it just hangs. Here is a dialog, from telnetting to my server, on port 21, from my local lan:
Code:
220 (vsFTPd 2.0.7)
user anonymous
331 Please specify the password.
pass
230 Login successful.
pasv
227 Entering Passive Mode (192,168,0,1,245,237)
But, when I try remotely, I get as far as entering the pasv command, but I never get a response:
Code:
220 (vsFTPd 2.0.7)
user anonymous
331 Please specify the password.
pass
230 Login successful.
pasv
And it hangs there, never to return.

Obviously, the server is up and running, otherwise I wouldn't get the user/password prompts, and also there can't be any firewall issues, at least on the control port, 21. But why should the pasv command be any different. I'm still talking to the same control port, 21, and the responses should still be coming back on the same port as the others.

So, what could be the issue here. Is it possible that a firewall could filter out just certain commands.

Cheers.
 
Old 09-03-2009, 02:41 AM   #2
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899
You should open the range of ports, configured in your conf file for passive transfer on the firewall/router
 
Old 09-03-2009, 03:05 AM   #3
MQMan
Member
 
Registered: Jan 2004
Location: Los Angeles
Distribution: Slack64 14.1
Posts: 576

Original Poster
Rep: Reputation: 38
Quote:
Originally Posted by repo View Post
You should open the range of ports, configured in your conf file for passive transfer on the firewall/router
They already are, but the server isn't responding back to the client about which ports to use. That's the issue.

All the current traffic should be taking place on the control port, 21.

Cheers.
 
Old 09-03-2009, 08:32 PM   #4
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 7.7 (?), Centos 8.1
Posts: 17,860

Rep: Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596
Not sure if this will help(?), but it's a really good explanation/HOWTO of Active vs Passive FTP.

oops; see MQMAN post below. Anyway for anyone who might want it, http://slacksite.com/other/ftp.html

Last edited by chrism01; 09-03-2009 at 11:08 PM. Reason: missed out link :(
 
Old 09-03-2009, 10:07 PM   #5
MQMan
Member
 
Registered: Jan 2004
Location: Los Angeles
Distribution: Slack64 14.1
Posts: 576

Original Poster
Rep: Reputation: 38
There was no link. LOL

But I already know exactly how active/passive FTP work.

My issue, is why the 1st few commands, sent to port 21, get the response back correctly, but the pasv command doesn't. It's travelling over the same tcp connection as the others.

Cheers.
 
Old 09-04-2009, 01:05 AM   #6
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899
Quote:
* FTP server's port 21 from anywhere (Client initiates connection)
* FTP server's port 21 to ports > 1023 (Server responds to client's control port)
* FTP server's ports > 1023 from anywhere (Client initiates data connection to random port specified by server)
* FTP server's ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client's data port)
Seems to me there is a problem with the firewall.
Did you read the link chrism01 gave you ?
 
Old 09-04-2009, 09:55 AM   #7
MQMan
Member
 
Registered: Jan 2004
Location: Los Angeles
Distribution: Slack64 14.1
Posts: 576

Original Poster
Rep: Reputation: 38
Now he's posted the link, yes I already have read that.

The issue is NOT with the high ports, that are to be used by pasv connections.

It's with the connection to port 21, the control port.

I connect, I get a response. I send the "user" command, I get a response. I send the "pass" command, I get a response. I send the "pasv" command, and I get NOTHING back.

Why should a firewall be involved in the returning results of the "pasv", that it wasn't for the previous 2 commands.

I ran a tcpdump, on my server, and I see the reply, to the pasv being sent, multiple times, before I kill the client side.

Cheers.
 
Old 09-07-2009, 07:44 PM   #8
MQMan
Member
 
Registered: Jan 2004
Location: Los Angeles
Distribution: Slack64 14.1
Posts: 576

Original Poster
Rep: Reputation: 38
Ha. It turned out to be my stupid a$$ VoIP adapter, which was sitting between my cable modem and my server. After pulling it out, everything works fine.

Why the ... can't those things be programmed to just pass ALL the traffic, in both directions, through untouched, if that's what I want.

Cheers.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: A Response to HIMSS "Call to Action" on the American Recovery and Response Act LXer Syndicated Linux News 0 02-13-2009 01:40 AM
proftpd + pasv lil_drummaboy Linux - Networking 0 12-05-2005 11:35 AM
use yast remotely, keyboard no response yumener Linux - Software 2 10-26-2005 02:16 PM
pasv mode dica Linux - Networking 3 04-15-2003 09:09 AM
Iptables + PASV jrmann1999 Linux - Networking 0 11-30-2001 04:01 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration