Your best friend for file transfer.

Fetch application logoFetch

Fetch 3.03 & NAT filters (5 posts)

This is an archived topic. The information in it is likely to be out-of-date and no longer applicable to current versions of Fetch.
  • Started 13 years ago by brashquido
  • Latest reply 13 years ago from Jim Matthews
  • brashquido Member

    Hi All,

    Hope somebody can help me, I've got a user running a G3 with OS 8.6 and Fetch 3.03. This is the only Mac on the network. Internet access is provided through Network Address Translation on a Windows 2000 Server. For the most part all works fine. However, when I try to configure input filters for NAT to increase security, Fetch stops working. I've opened TCP ports 20 & 21 for both outgoing and incoming connections for FTP access on the server and set Fetch to connect via PASV mode using ports 20 through to 21 on the Mac without the desired results. Fetch seems to authenticate, but won't give a directory listing. I spose in short, what protocol (TCP,UDP or ICMP)and port number(s) do I have to leave open for Fetch 3.03 to get through. Or how can I find out what protocol and port number fetch is trying to use. I getting pretty desperate for help as the server has already been hacked once and without the filters, it's wide open! Thanks.

    Posted 13 years ago #

  • brashquido Member

    Hi All,

    Managed to get a bit further. I created a filter to allow TCP with ports 20 & 21, TCP(established) with ports 20 & 21 and UDP with ports 20 & 21 access. Fetch will now login and display the root directory, but won't list any of the sub-direcories. The FTP server in question is a UNIX server.

    230-
    230 Logged in.
    SYST
    215 UNIX Type: L8
    PWD
    257 "/user/b/e/benryan" is cwd.
    CWD /export/home/netspace
    250 "/export/home/netspace" is new cwd.
    PWD
    257 "/export/home/netspace" is cwd.
    CWD docs
    250 "/export/home/netspace/docs" is new cwd.
    PWD
    257 "/export/home/netspace/docs" is cwd.
    CWD draft6
    250 "/export/home/netspace/docs/draft6" is new cwd.
    PWD
    257 "/export/home/netspace/docs/draft6" is cwd.
    PASV
    227 Entering Passive Mode (210,15,254,254,135,186)
    LIST

    And thats where it seems to hang

    Posted 13 years ago #

  • brashquido Member

    Correction, back to square one. The only way I can get it working is to add a filter to NAT that has no restriction what so ever. Any ideas?

    Posted 13 years ago #

  • brashquido Member

    Finally got round the problem. More of a work round than a fix, but it'll do. It seems even though I specified only to use ports 1024 to 1040 in the Fetch, it was still trying to use ports from 1024 to 65535. Whether this is a server or client thing, I have no idea. I ended up allowing the IP of the FTP servers in question wide open access to the network. THe only problem is, the user in question is a Web Designer, and needs access to different FTP servers every few months.

    Posted 13 years ago #

  • Jim Matthews Administrator

    FTP clients use two TCP connections for each session, the control connection and the data connection. The control connection is made from the client to the server, usually to port 21 on the server. The data connection might be made from the client (if the PASV command is used) or from the server. If it's made from the client, it's made to an address picked by the server, so it's difficult to say in advance what port that will be. If PORT is used (instead of PASV) the client picks the port that the server will connect to.

    In that case Fetch picks a random port. It used to let the user specify a range of ports to use, but that preference was confusing to a lot of users, and was removed in Fetch 4.0.

    I hope this helps,

    Jim Matthews
    Fetch Softworks

    Posted 13 years ago #

Topic closed

This topic has been closed.