Your best friend for file transfer.Fetch
Updated Fetch - now can't connect (6 posts)
- Started 9 years ago by kevb
- Latest reply 9 years ago from kevb
I've just updated Fetch to 5.2 from, I believe, 5.1 and I'm now having problems connecting to a couple of FTP sites through my keychain access. These worked fine before through the earlier version but now I get an error message saying:
Connection is refused. Server responded " Entering passive mode (212,32,9,169,8,xxx).
Any help would be much appreciated.
Just as a footnote - read the topic 'Firewall help' and decided to try the connections with my Firewall turned off and, hey presto, they worked.
But, obviously, this is not a permanent solution.
Scott McGuire Administrator
We'd like some more information to help diagnose the problem.
Could you please do the following?
* Turn on your firewall.
* Quit Fetch, if it's open.
* Open Fetch again.
* Choose Preferences from the Fetch menu.
* Click the General tab.
* Make sure that the "Use passive mode transfers (PASV)" is checked.
* Try to connect to one of the problem servers.
* Then choose Fetch Transcript from the Window menu, copy the entire contents of the transcript window, and paste them into a reply to this message.
We'll take a look and see if we can figure out what the problem might be.
Thanks for replying. I think I've found a solution by enabling ftp access in my firewall settings - this seems to have done the trick (the administrator for the ftp site I was attempting to connect to said that they didn't accept passive mode transfers). Anyway, here's the transcript requested:
Fetch 5.2.1 (5C263) PowerPC running on Mac OS X 10.3.9 (7W98) PowerPC English
StuffIt Engine 0x820, StuffIt SDK Version 10.1.1b1
Partial serial FETCH5X001-DN57-VLBW T
Connecting to ftp.pubint.co.uk port 21 (Mac OS X firewall is on) (7/6/07 2:24:22 pm)
Connected to 184.108.40.206 port 21 (7/6/07 2:24:22 pm)
220 mcweb02 Microsoft FTP Service (Version 5.0).
331 Password required for ftppubint.
230 User ftppubint logged in.
215 Windows_NT version 5.0
257 "/" is current directory.
500 'MACB ENABLE': command not understood
250 CWD command successful.
257 "/FTPFiles" is current directory.
200 Type set to A.
227 Entering Passive Mode (212,32,9,169,9,145).
Making data connection to 220.127.116.11 port 2449
ftp_setup_dataconn() passive mode dataconn failed, result = 1,61
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
Active mode connection blocked by Mac OS X firewall, port 50840
425 Can't open data connection.
225 ABOR command successful.
ftp_list: 1,61 (state == GETTING_LIST)
Scott McGuire Administrator
Yes, the problem appears to be that the server doesn't support passive mode connections and the firewall was blocking active mode connections.
You should be aware that the "FTP access" setting in your Firewall settings solves the problem by opening up quite a range of ports in your firewall, so it decreases the security of your firewall. And also, you're now running an FTP server on your Mac, which could also be a security hazard.
In general, it might be safer to turn the firewall off temporarily when you need to FTP to the servers in question, than running a server and leaving the ports open in the firewall all the time.
(And as advance warning for the future, Apple changed the behavior of the "enable FTP Access" in Mac OS X 10.4 so that it doesn't open up all the ports, which is more secure, but it means it doesn't fix the active mode FTP vs. firewall problem anymore.)
Unfortunately, if the administrators will not enable passive mode support, then you have no choice but to either disable the firewall, or open up a lot of ports in it. You might want to ask them if they support, or would think about supporting, SFTP access to the site - SFTP does not have these problems with firewalls, and is more secure overall in addition.
And coming back to your original question, I think it's unilkely it's the upgrade to Fetch 5.2 that caused this problem; the problems you're encountering affect all versions of Fetch (and all FTP clients, in fact). They may appear to be new because the FTP sites have made changes on their end - new firewalls for the servers, changes in server configurations, etc.
Anyway, I wish we could provide a better solution for you, but basically these are problems related to limitations of the FTP protocol. But please let me know if you have further questions.
Thanks for your help Scott. I was aware that enabling FTP access isn't a great idea, so I'll probably do as you suggest and turn the firewall off temporarily in future.
- Page 1