Your best friend for file transfer.

Fetch 5.3, transparent proxy, pasv command (5 posts)
- Started 14 years ago by guybrush
- Latest reply 14 years ago from guybrush
-
guybrush Member
-
guybrush Member
Hi
Here is some more information.
From the Fetch Transcript:
227 Entering Passive Mode (192,168,1,1,105,72)
Making data connection to 130.59.10.36 port 26952
ABOR
500 Unknown command.
PORT 192,168,1,10,192,21
200 PORT command successful.
LIST -al
150 Here comes the directory listing.
Active mode connection blocked by Mac OS X firewall, port 49173
ABORSo it seems to me that fetch tries to connect to the (wrong) IP (not the proxy but the original server) and eventually times out. It then tries active FTP which does not work either because of the firewall.
I found that if I use curl on the commandline, it works, unless I use --ftp-skip-pasv-ip (which makes sense). So it seems to me curl's --ftp-skip-pasv-ip is Fetch's default behaviour (maybe for security reasons?).
For the curl man page, see http://developer.apple.com/documentation/Darwin/Reference/ManPages/man1/curl.1.html
Can anyone make sense of this?
Kind regards
guybrush -
Jim Matthews Administrator
Hi,
That's correct, as of Fetch 5.2 we have the same behavior as curl's --ftp-skil-pasv-ip option. We made the change to make Fetch compatible with servers behind port-mapping Network Address Translation (NAT) devices. But this behavior seems like a bug in your situation.
Could you post (or email to bugs at fetchsoftworks dot com) a complete transcript of a connection attempt? It would also be helpful to know the name of the transparent ftp proxy server software you are using.
Thanks,
-
guybrush Member
Hi JimMatthews
Thank you for coming back to me.
I sent you a complete transcript by mail to the address you indicated. And I am posting the same transcript here for reference.
Fetch 5.3 (5D161) PowerPC running on Mac OS X 10.4.11 (8S165) PowerPC English
StuffIt Engine 0x820, StuffIt SDK Version 10.1.1b1
Partial serial FETCHED001-M445-3MTR T
Connecting to mirror.switch.ch port 21 (Mac OS X firewall is on) (1/7/09 9:59:28 PM)
Connected to 130.59.10.36 port 21 (1/7/09 9:59:28 PM)
220 FTP proxy (v0.13.5) ready
ADAT
530 Login incorrect. Expected USER command
AUTH This command is checking whether this server supports Kerberos or GSS security, see RFC 2228
530 Login incorrect. Expected USER command
USER anonymous
331-SWITCHmirror (formerly known as Swiss SunSITE) welcomes you!
331-
331 Please specify the password.
PASS
230- Welcome to SWITCHmirror ftp://mirror.switch.ch/
230- ----------------------- http://mirror.switch.ch/
230-
230- SWITCHmirror is located in Zurich, Switzerland and
230- operated by SWITCH: http://www.switch.ch/
230-
230- If you have problems downloading and are seeing "Access denied"
230- or "Permission denied", please make sure that you started your
230- FTP client in a directory to which you have write permission.
230-
230- Contact address: switchmirror@switch.ch
230-
230- NOTE: ALL transfers are logged and any misuse will be acted upon.
230-
230 Login successful.
SYST
215 UNIX Type: L8
PWD
257 "/"
MACB ENABLE
500 Unknown command.
PWD
257 "/"
TYPE A
200 Type set to A
PASV
227 Entering Passive Mode (192,168,1,1,105,88)
Making data connection to 130.59.10.36 port 26968
ABOR
500 Unknown command.
PORT 192,168,1,10,192,19
200 PORT command successful.
LIST -al
150 Here comes the directory listing.
Active mode connection blocked by Mac OS X firewall, port 49171
ABOR
ftp_list: 2,-30031 (state == GETTING_LIST)
QUIT
send_cmd():con_conn->Putline() returns 2,32767
Update check skipped at 01/07/2009 10:01 PM (next check after 01/12/2009 01:15 PM)The proxy-software I am using is jftpgw v0.13.5 ( http://www.mcknight.de/jftpgw/ ).
Any help is greatly appreciated. If you (or anyone) needs more information, I will be happy to provide it.
Kind regards
guybrush -
guybrush Member
Hi Everyone
Jim Matthews provided me with a experimental version of Fetch that can do what curl can do with the (not) --ftp-skip-pasv-ip option. This works like a charm.
The (configurable) option will be part of a future version of Fetch. Thank you very much! This was the most exceptional support I ever encountered (can you say so? I am not a native english speaker...).
Kind regards
guybrush
- Page 1
Hi
I try to get my transparent ftp-proxy setup up and running. And I am stumbling a bit.
It seems to me, that Fetch *always* tries to open its data connection to the IP-address it originally wanted to connect to.
This means, if the proxy sends its IP with the "Entering Passive Mode" message, Fetch won't connect to the proxy, but tries to connect to the original server (which is not reachable because of the firewall, hence the proxy...).
Is this "by design"? Or is this "a bug"? Or am I getting something conceptually wrong here?
Kind regards
guybrush
Posted 14 years ago #