Jump to content
nouvakis

TIcsFtpMulti WaitUntilReady

Recommended Posts

I am trying to upload to a server (it reports UNIX Type: L8) using SSL.

it fails when trying to get Dir List (using TIcsFtpMulti waiting Timeout=600)

 

Is there any way to overcome this problem?

 

PS: the same server responds well if I don't use SSL

Edited by nouvakis

Share this post


Link to post
1 hour ago, nouvakis said:

I am trying to upload to a server (it reports UNIX Type: L8) using SSL.

it fails when trying to get Dir List (using TIcsFtpMulti waiting Timeout=600)

 

Is there any way to overcome this problem?

 

PS: the same server responds well if I don't use SSL

Searching with google, I found this:

https://superuser.com/questions/1195462/server-sent-passive-reply-with-unroutable-address-in-filezilla

 

I think that the server is not configured correctly, and it answers with its local address to PASV command

Indeed, debugging I found that original address is

Quote

< 220 GSN (sch.gr) ftp Server
FTP Session Connected OK to: 194.63.239.5:21

but later I get

Quote

< 227 Entering Passive Mode (10,2,34,21,196,235).
02:02:07:732 TWSocket will connect to 10.2.34.21:50411

 

I assume that 10.2.34.21 is its local address and this is the problem.

In the above article, the writer says:

Quote

When encountering this, FileZilla tries to connect to the primary address of the FTP server instead, as that is usually the correct address to use. So in most cases you won't notice the problem at all.

 

Share this post


Link to post

Yes this issue was discussed here last week relating to the ICS FTP server behind a NAT router.  In the past, routers were able to manipulate the control channel to change the private IP address to public, but it seems FTP is now considered a legacy protocol and newer routers don't bother.  Also SSL stops the router seeing the control channel, one reason you can configure SSL on data but leave the control channel clear. 

 

I like FileZilla's idea of re-using the earlier public address, I'll have a look and see if that can be done in ICS, as an option. 

 

Angus

 

Share this post


Link to post

In general, a peer couldn't reliably know its external address unless it connects to some remote server and asks him "what's my ip dude".

That's why servers that require knowing their own external address usually have a manually editable setting.

I'd say that FTP server is configured incorrectly and besides tweaking your side you could write to its owner.

Share this post


Link to post

Misconfiguration of NAT'd FTP servers is common, I only corrected one of mine this week.  So if the client can help, it's worth a little effort. 

 

The STUN protocol allow determination of public IP address behind NAT, and a STUN component has been on my ICS wish list for a few years, maybe I'll finally write it.  Won't help me though, since my development servers behind NAT have several different IPv4 and IPv6 addresses on two different ISPs.

 

Angus

 

Share this post


Link to post
1 hour ago, Angus Robertson said:

So if the client can help, it's worth a little effort.

Misconfig affects all users... and too tolerate client tools are making admins too lazy xDDD

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×