Firewall Wizards mailing list archives
Re: Anybody have a clue why...
From: "Michael H. Warfield" <mhw () wittsend com>
Date: Thu, 3 Jun 1999 08:33:00 -0400 (EDT)
Will Kempf enscribed thusly:
...passive ftp won't work from command line through Firewall-1?
Windows clients such as WS_FTP and Netscape work just fine when set to passive mode. When I do a "quote PASV" in a command line ftp session (Unix or Windows command line clients), the server says its entering passive mode, but a list or file transfer in either direction just hangs.
Time out! Both sides have to understand passive. If you do a "quote PASV", all you have done is send a PASV command over to the server. It doesn't mean that your client understands passive mode. If you just do an "ls" or "dir", the client is still going to attempt to do active "PORT" mode unless you switch the client to passive mode (and some clients are not capable). On Linux, simply typing "passive" at the "ftp>" prompt is sufficient (and you don't have to do the "quote PASV"). You can also use the command "pftp" and ftp comes up defaulting to passive mode. Not all ftp clients support this, however, and if you are not on a recently version of Linux or *BSD or you are on some other flavor of *NIX like Solaris, HP/UX, or SCO, chances are your client does not understand passive. Try typing the command "passive" (no "quote") at the "ftp>" prompt. If you get an error, you probably need to get a different ftp client. Get one of the open source flavors that supports passive ftp.
The Firewall-1 policy has "enable passive ftp transfers" selected in the properties.
TIA Will
Mike -- Michael H. Warfield | (770) 985-6132 | mhw () WittsEnd com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
Current thread:
- Anybody have a clue why... Will Kempf (Jun 02)
- Re: Anybody have a clue why... Ge' Weijers (Jun 03)
- Re: Anybody have a clue why... Andrew Brown (Jun 03)
- Re: Anybody have a clue why... Michael H. Warfield (Jun 03)
- <Possible follow-ups>
- Re: Anybody have a clue why... Geva Patz (Jun 03)
- Re: Anybody have a clue why... Steven M. Bellovin (Jun 03)