0

Why does Apache-Commons-Net's FTPClient sometimes make the wrong computation for the port number in the PORT command? This is in active mode. For example FTPClient it could send out PORT <some>,<ip>,<address>,<here>,235,181 when in fact the port number used is 60340. What's the cause for this wrong computation?

This could happen on version 3.3.

I know ftpClient.enterLocalPassiveMode(); could solve this, but I want to know the part where the active mode doesn't work as expected.

damat-perdigannat
  • 5,780
  • 1
  • 17
  • 33
  • What is the actual question? Do you wonder what the `235,181` means or why it's not `235,180`? – Martin Prikryl Aug 06 '14 at 15:44
  • Yes, I'm wondering why it's not 235,180 so I'm asking for apache-commons-net's logic behind the computation. Anyway, thanks for the answer on my other question at superuser. – damat-perdigannat Aug 06 '14 at 23:40
  • How do you tell what is the actual port number (the `60340`)? Can you include a piece of log file? – Martin Prikryl Aug 07 '14 at 05:53
  • I track the TCP packets and check the port used. Sorry, I didn't save logs. But I'm pretty sure it's 60340. – damat-perdigannat Aug 07 '14 at 05:56
  • The calculation is pretty straightforward: `port >>> 8` and `port & 0xff` – Martin Prikryl Aug 07 '14 at 05:56
  • What TCP packets? The port cannot be used. When a client reports wrong port to a server, the server can hardly connect to the port and send any packets. – Martin Prikryl Aug 07 '14 at 05:58
  • I meant I checked the TCP Packets being sent over the network. What first happens is apache-commons-net connects using port 60340. Then some commons-net class computes the port number and sends the port command using the wrong port number parameters i.e. 235,180. Then the wrong port command becomes "successful". However, the two machines still communicate at port 60340. And then, an error like "Can't open data connection" happens. – damat-perdigannat Aug 07 '14 at 06:20

1 Answers1

0

From your comments, I assume you mistake an FTP control connection with a data connection.

I assume that the 60340 is local port of the FTP control connection. When opening data connection, 60341 is assigned (hence the PORT ...,235,181).

Reasoning: In an FTP active mode, the client opens listening port for the expected data connection, which it then reports to the server via PORT command over an existing control connection. If the server cannot connect to the port, no TCP/IP packet can ever come to that port. As you claim that the "two machines still communicate at port 60340", it must be the control connection. There cannot be any communication on port, if the connection failed ("Can't open data connection").

The actual cause of the "Can't open data connection" error is likely that you are behind a firewall, so the server cannot connect back to the client. What is a common nowadays. That's what passive mode is good for.

Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992