0

I'm writing an FTP client from scratch and have trouble opening a PASV connection. The server seems to send the right port, but the client receives a different raw string and subsequently cannot connect.

This is the server log (Filezilla):

2018.07.19 16:29:44 - (not logged in) (x.x.10.33)> Connected on port 21, sending welcome message...
2018.07.19 16:29:44 - (not logged in) (x.x.10.33)> 220 Hello from FileZilla Server 0.9.60 beta
2018.07.19 16:29:44 - (not logged in) (x.x.10.33)> USER test
2018.07.19 16:29:44 - (not logged in) (x.x.10.33)> 331 Password required for test
2018.07.19 16:29:45 - (not logged in) (x.x.10.33)> PASS test
2018.07.19 16:29:45 - test (x.x.10.33)> 230 Logged on
2018.07.19 16:29:45 - test (x.x.10.33)> PASV
2018.07.19 16:29:45 - test (x.x.10.33)> 227 Entering Passive Mode (y,y,105,118,93,232)

And this is the client log (my program):

> USER test
2018.07.19 14.29.02 - 220 Hello from FileZilla Server 0.9.60 beta
2018.07.19 14.29.02 - 331 Password required for test
> PASS test
2018.07.19 14.29.02 - 230 Logged on
> PASV
2018.07.19 14.29.03 - 227 Entering Passive Mode (y,y,105,118,214,224)

The shown output is the raw data received from the socket. All server output arrives, but the 227 response has the wrong port numbers. I'm confused how this is even possible.

The connection is via VPN (OpenVPN) from Vietnam to Germany, the server is located in Germany, too. I have verified that Filezilla and my client work together when run on the same machine (no internet traffic). I've also verified that my client works with an independent server (both locally and over unsecured internet), so the problem seems to be with Filezilla?

mafu
  • 31,798
  • 42
  • 154
  • 247
  • Crossposted to https://forum.filezilla-project.org/viewtopic.php?f=6&t=49365 – mafu Jul 19 '18 at 15:30
  • 1
    Maybe a NAT on the server end is changing the port number on you? – Gil Hamilton Jul 19 '18 at 15:32
  • 1
    Some NATs/routers are aware of the FTP protocol and will automatically handle routing of FTP data connections for you, altering `PORT` and `PASV` commands accordingly as they pass through – Remy Lebeau Jul 19 '18 at 23:59
  • Thanks for the pointers, good idea, I will check! – mafu Jul 20 '18 at 01:19
  • It seems NAT is not involved. The routers under my control do no NAT. Also, with the exact same settings (ports, PASV range), the Filezilla connection changes the string while another server does not. – mafu Jul 20 '18 at 02:31
  • The logs do not seem to be from the same session. Note the 40 seconds time difference. – Martin Prikryl Jul 21 '18 at 06:48
  • @MartinPrikryl Same session, just NTP being NTP – mafu Jul 21 '18 at 17:04

0 Answers0