Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 13 Dec 2005 11:24:20 +0100
From:      Pietro Cerutti <pietro.cerutti@gmail.com>
To:        Imran Imtiaz <imran@darkstar.thelakecity.com.pk>,  FreeBSD <freebsd-questions@freebsd.org>
Subject:   Re: ftp problem
Message-ID:  <e572718c0512130224w7f4173b9ye1c62e4ffb184b67@mail.gmail.com>
In-Reply-To: <200512130744.jBD7iUUj073920@darkstar.thelakecity.com.pk>
References:  <200512130744.jBD7iUUj073920@darkstar.thelakecity.com.pk>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 12/13/05, Imran Imtiaz <imran@darkstar.thelakecity.com.pk> wrote:
> I am running a ftp server on my computer it works fine if i do not enable=
 the firewall but as I enable the firewall on my system ftp doesn't works a=
lthough I have open port 21 in firewall. my ftp client do gets connected bu=
t when i try to dir or any other commands its say no route. below is the ou=
tput of my ftp client
> C:\Documents and Settings\Asif>ftp darkstar.thelakecity.com.pk
> Connected to darkstar.thelakecity.com.pk.
> 220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [202.59.74.139]
> User (darkstar.thelakecity.com.pk:(none)): anonymous
> 331 Anonymous login ok, send your complete email address as your password=
.
> Password:
> 230 Anonymous access granted, restrictions apply.
> ftp> dir
> 200 PORT command successful
> 425 Unable to build data connection: No route to host
> ftp> quti
> Invalid command.
> ftp> quit
> 221 Goodbye.

FTP works in a two-channel mode.
One channel is used for commands, while the other is the data channel,
where your files go through...

Example of sockstat on the server, during an ftp connection

COMMAND   PID     FD  PROTO    LOCAL ADDRESS    FOREIGN ADDRESS
ftpd               55377 6     tcp4        192.168.1.6:21        =20
192.168.1.3:58121
ftpd               55377 9     tcp4        192.168.1.6:53808   =20
192.168.1.3:60020

As you can see, the first line is the command channel (local port 21
used), while the second line is the data channel (local port 53808
(could be any)).

Your firewall accepts connections on port 21, but doesn't allow the
data channel to be extabilished.

Can you post the relevant lines in your firewall rules file?

--
Pietro Cerutti
<pietro.cerutti@gmail.com>

Beansidhe - SwiSS Death / Thrash Metal
<www.beansidhe.ch>

Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming or what?"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e572718c0512130224w7f4173b9ye1c62e4ffb184b67>