|
::: MacOSX and Active-FTP server issue :::
Hi everybody
I hope that somebody can help me, because nobody at Apple was able too. I'm trying to login to our FTP server... which is set to Active mode by our ISP. I am able to connect to it by booting in Mac OS 9 but when I switch back to MacOSX.2.6. when I try to connect to the server all I get is "Retrieving list of files..." and it hang there. I tried different software to connect to it. Transmit, Fetch, the Terminal and even Connect to server from the Finder. Same result. At first I thought it was our Router/Firewall. It's can't be that if i'm able to connect to it when booting Mac OS 9. Also, I can't connect to any Active-FTP server using the ClassicMode in OSX. That problem only occure with Active-FTP server and everything is fine with Passive-FTP server (PASV). I even ask a Technician at Apple to connect to the server, we tried different setting... he was getting the same result. The answer I got was... Sir, we don't know. (am I suppose to pay for AppleCare?!) I'm connecting to the internet via Ethernet. Regards, TaKeo |
Is your OS X machine using an internal firewall?
|
Q : Is your OS X machine using an internal firewall?
A : Nope... it's off |
active vs passive FTP
When you say that the FTP servers are "active", do you mean that they don't support passive FTP? Most public FTP servers do support passive mode. Note that the choice between active & passive is made by the client (your machine) not the server.
There is a good explanation here: http://slacksite.com/other/ftp.html What I found is that I needed to click the checkbox "Use Passive FTP Mode (PASV)" which is under the "Proxies" tab in the Network preference panel. This is needed because otherwise my OS X firewall doesn't allow the FTP server to connect back to my machine. |
I tried both, with the box check and without, even in the software... still no result
(Firewall is off) here's the ftp address, if some of you want to try it it's client access only, so you won't be able to delete anything... ;) ftp.seguinlabelle.com log : client pass : slc Regards, TaKeo |
Turn off passive mode on your client:
Code:
% ftp ftp.seguinlabelle.com |
Reply to stetner
Hi,
This is what I got... ___________________ Last login: Tue Aug 12 09:27:04 on ttyp1 ftp> ftp ftp.seguinlabelle.com Connected to ftp.seguinlabelle.com. 220 lucienne Microsoft FTP Service (Version 5.0). Name (ftp.seguinlabelle.com:slc): client 331 Password required for client. Password: 230 User client logged in. Remote system type is Windows_NT. ftp> passive Passive mode: off; fallback to active mode: off. ftp> ls 500 'EPRT |1|192.168.0.4|55626|': command not understood 421 Service not available, remote server timed out. Connection closed ftp> ____________________________ I tried it also in PASV is also of in the preference panel. I tried to connect via Transmit (message = Could not read reply from control connection -- timed out. ), Fetch (message = Error: the server dropped the connection (it may be too busy), by turning off the PASV mode, but with no success. Can the router be the source of the problem? I have my doubt about that because I can connect to the FTP server if I use WinXP or MacOS9... But just in case this is what we have : Nexland Pro100 __________________________ Thanks for you time Regards, Eric a.k.a TaKeo |
Try ncftp (in fink).
Your client used an EPRT command which the MS server apparently doesn't understand. ncftp uses a regular PORT command which should work fine. Breen |
okay
I need some help here ! How do I do that and what do I do ? I don't have knowledge of Linux/Unix language regards Eric aka TaKeo |
Shot in the dark, I know...
Do you have FTP set up as a service in your system preferences? It seems that every time I shut it off I can't connect to our FTP servers on Windows machines. |
Eric --
Check the instructions at http://fink.sourceforge.net for instructions on installing fink. Once that's there you can install the ncftp installation. Breen |
I emailed this to Eric...
Code:
Hi Eric, |
OK every body...
Just run some test... and I still don't understand Booting in OSX if i use NetFinder for OS9 (classic) i can connect no problem. if i use NetFinder for OSX (Jaguar) i can connect but can't see any listing... there's is something wrong between with Darwin and WindowsNT servers (winsocK) the server doesn't send me the ls data. error 5005. Thanks every body for your help. Eric a.k.a. TaKeo p.s. and yes i turn on/off PASV, and turn on/off Firewall and every thing to see if it was the problem. |
You might also want to take a look at PureFTPd. There's a graphical user interface, plus a wizard to help with setup. The only catch is you need to authenticate as root to use the app properly (or so the documentation says).
PureFTPd app |
We can't even connect from a remote computer (no firewall, no router). One of the employee here, can't even connect from home.
Firewall is off, PASV is OFF. The Terminal... I have no problem using it... but doesn't work either. Also... hard to explain to a client (50years old+ using a Mac), that they need to use the Terminal to connect to our FTP server. Most of them don't even know it exist. The more I talk about it (on different forum) the more I hear it's a Windows issue (TCP capability of NT). Regards, Eric a.k.a. TaKeo |
Server Problem
Eric,
What is happening here is that the MAC OS X has been written to be RFC2428 compliant which is in a nutshell extensions to FTP so that it will work in IPv4 and IPv6 environments. Normally this is not a problem however the FTP server that you are trying to connect to is NT and I suspect that it is having trouble interpreting these commands. According to the RFC, The EPSV command requests that a server listen on a data port and wait for a connection. Thus the server is correct in forcing the FTP connection to passive mode. Why it is then hanging on your PC is a mystery to me. I had the terminal FTP session "hang" for about 20 secs as the FTP switched ports, etc.. to passive but then everything seemed to operate properly. Now everyone has asked about the firewall and passive ftp on your MAC and that is all well and good. However I would ask that you explain how you are connecting to the Internet in order to reach this server? Is there NAT involved there or perhaps a Firewall of some sort? Tom |
Reply to : tothomas
Ok... this is how "we" connect.
Ethernet Router : Nexland ISB Pro100 (So no, Network Address Translation (NAT)). Switchbox : PureData PDC8023UAS-32 PLUS Type of connection : DSL / PPPoE OS version : 10.2.6 with Firewall/OFF and PASV/OFF Reminder : Able to connect in Classic mode / Unable to connect to the same FTP address from a remote cpu (OSX 10.2.6 with Firewall/OFF and PASV/OFF). Also, no problem using a Mac running os9 or a PC runnning WinXP on the same router/network or from a remote computer. Server type : Microsoft FTP Service (Version 5.0) using Active-Mode. Regards, Eric address : ftp.seguinlabelle.com log : client pass : slc Network Address Translation (NAT) |
Was able to connect today...
But only one time... Tried to do it again... nothing... Can't get list of files.... Damn... |
Can you do a 'sudo tcpdump dst ftp.seguinlabelle.com' in one terminal window and then try to connect from another terminal window like this:
Code:
% ftp ftp.seguinlabelle.comCode:
% sudo tcpdump dst ftp.seguinlabelle.com |
replying to stetner
Here's what I got :
First window : ----------------------- % ftp ftp.seguinlabelle.com Connected to ftp.seguinlabelle.com. 220 lucienne Microsoft FTP Service (Version 5.0). Name (ftp.seguinlabelle.com:slc): client 331 Password required for client. Password: 230 User client logged in. Remote system type is Windows_NT. ftp> ls 500 'EPSV': command not understood 227 Entering Passive Mode (206,108,58,240,5,84). 421 Service not available, remote server timed out. Connection closed ftp> ----------------------- Second window : ----------------------- % sudo tcpdump dst ftp.seguinlabelle.com Password: tcpdump: listening on en0 09:47:57.144789 192.168.0.4.50341 > ip240.cactuscom.com.ftp: S 264832786:264832786(0) win 32768 <mss 1460,nop,wscale 0,nop,nop,timestamp 1834401933 0> (DF) 09:47:57.193700 192.168.0.4.50341 > ip240.cactuscom.com.ftp: . ack 1293822256 win 34080 <nop,nop,timestamp 1834401933 0> (DF) 09:47:57.250180 192.168.0.4.50341 > ip240.cactuscom.com.ftp: . ack 52 win 34080 <nop,nop,timestamp 1834401933 57653899> (DF) [tos 0x10] 09:48:03.201232 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 0:13(13) ack 52 win 34080 <nop,nop,timestamp 1834401945 57653899> (DF) [tos 0x10] 09:48:03.250905 192.168.0.4.50341 > ip240.cactuscom.com.ftp: . ack 87 win 34045 <nop,nop,timestamp 1834401945 57653959> (DF) [tos 0x10] 09:48:05.465290 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 13:23(10) ack 87 win 34080 <nop,nop,timestamp 1834401949 57653959> (DF) [tos 0x10] 09:48:05.532054 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 23:29(6) ack 115 win 34080 <nop,nop,timestamp 1834401949 57653981> (DF) [tos 0x10] 09:48:05.588781 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 29:35(6) ack 143 win 34080 <nop,nop,timestamp 1834401950 57653982> (DF) [tos 0x10] 09:48:05.645333 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 35:40(5) ack 179 win 34080 <nop,nop,timestamp 1834401950 57653983> (DF) [tos 0x10] 09:48:05.851229 192.168.0.4.50341 > ip240.cactuscom.com.ftp: . ack 216 win 34080 <nop,nop,timestamp 1834401950 57653983> (DF) [tos 0x10] 09:48:11.849302 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 40:46(6) ack 216 win 34080 <nop,nop,timestamp 1834401962 57653983> (DF) [tos 0x10] 09:48:44.554440 192.168.0.4.50342 > ip240.cactuscom.com.ndm-server: S 1196261009:1196261009(0) win 32768 <mss 1460> (DF)57654045> (DF) [tos 0x10] 09:49:08.556588 192.168.0.4.50342 > ip240.cactuscom.com.ndm-server: S 1196261009:1196261009(0) win 32768 <mss 1460> (DF)scale 0,nop,nop,timestamp 1834401962 0> (DF) 09:49:26.558718 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 52:78(26) ack 302 win 34080 <nop,nop,timestamp 1834402112 57654046> (DF) [tos 0x10] 09:49:28.058421 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 52:78(26) ack 302 win 34080 <nop,nop,timestamp 1834402114 57654046> (DF) [tos 0x10] 834401967 0> (DF) 09:49:31.058782 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 52:78(26) ack 302 win 34080 <nop,nop,timestamp 1834402120 57654046> (DF) [tos 0x10] 834401973 0> (DF) 09:49:37.059310 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 52:78(26) ack 302 win 34080 <nop,nop,timestamp 1834402132 57654046> (DF) [tos 0x10] 09:49:49.060358 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 52:78(26) ack 302 win 34080 <nop,nop,timestamp 1834402156 57654046> (DF) [tos 0x10] 09:50:13.062456 192.168.0.4.50341 > ip240.cactuscom.com.ftp: P 52:78(26) ack 302 win 34080 <nop,nop,timestamp 1834402204 57654046> (DF) [tos 0x10] 09:50:26.560492 192.168.0.4.50341 > ip240.cactuscom.com.ftp: F 78:78(0) ack 302 win 34080 <nop,nop,timestamp 1834402231 57654046> (DF) [tos 0x10] 09:50:45.065560 192.168.0.4.50341 > ip240.cactuscom.com.ftp: FP 52:78(26) ack 302 win 34080 <nop,nop,timestamp 1834402268 57655392> (DF) [tos 0x10] 09:51:49.071478 192.168.0.4.50341 > ip240.cactuscom.com.ftp: FP 52:78(26) ack 302 win 34080 <nop,nop,timestamp 1834402396 57655392> (DF) [tos 0x10] ----------------------- Voila Regards, Eric a.k.a. TaKeo |
Somebody using a Linux box is having the same problem at :
http://www.linuxquestions.org/questi...003/03/1/48062 Regards, Eric a.k.a. TaKeo |
Interesting that a linux users is seeing the same thing, may be another indication it is firewall or something.
I see that your box is trying to open a connection to the second port on the server, but it does not look like it is happening. I should asked you to do this the first time, but can you repeat that tcp dump with: Code:
sudo tcpdump host ftp.seguinlabelle.comEdit: corrected command line |
Damn, just when I think I understand something, it comes back and bites me. The trace of mine below seems to show that my system tries to open a port to the server (server port 1942), probably times out, and then I see the server open a port back to me(59227 !) which should not happen due to my router.
Code:
08:57:14.129917 strider.59223 > ip240.cactuscom.com.1942: S 2102151341:2102151341(0) win 65535 <mss 1452> (DF) |
OK, apparently my router realizes that this is an active outbound ftp connection and allows the server's connection back in.
TaKeo, maybe your router (or your clients) do not do this (but why does OS9 work)? It still might be worth seeing the tcpdump of traffic in both directions. I must admit I was surprised mine did this. I really expected an active connection to fail for me. Quote:
|
Here's what i got by doing
------------------- % sudo tcpdump host ftp.seguinlabelle.com Password: tcpdump: listening on en0 08:25:46.250576 192.168.0.4.52430 > ip240.cactuscom.com.ftp: S 3492907941:3492907941(0) win 32768 <mss 1460,nop,wscale 0,nop,nop,timestamp 1834564864 0> (DF) 08:25:46.299424 ip240.cactuscom.com.ftp > 192.168.0.4.52430: S 1991559605:1991559605(0) ack 3492907942 win 64240 <mss 1432,nop,wscale 0,nop,nop,timestamp 0 0> (DF) 08:25:46.299485 192.168.0.4.52430 > ip240.cactuscom.com.ftp: . ack 1 win 34080 <nop,nop,timestamp 1834564864 0> (DF) 08:25:46.349803 ip240.cactuscom.com.ftp > 192.168.0.4.52430: P 1:52(51) ack 1 win 64240 <nop,nop,timestamp 58468550 1834564864> (DF) 08:25:46.483350 192.168.0.4.52430 > ip240.cactuscom.com.ftp: . ack 52 win 34080 <nop,nop,timestamp 1834564864 58468550> (DF) [tos 0x10] 08:25:51.844281 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 1:14(13) ack 52 win 34080 <nop,nop,timestamp 1834564875 58468550> (DF) [tos 0x10] 08:25:51.893688 ip240.cactuscom.com.ftp > 192.168.0.4.52430: P 52:87(35) ack 14 win 64227 <nop,nop,timestamp 58468605 1834564875> (DF) 08:25:52.083795 192.168.0.4.52430 > ip240.cactuscom.com.ftp: . ack 87 win 34080 <nop,nop,timestamp 1834564875 58468605> (DF) [tos 0x10] 08:25:53.180616 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 14:24(10) ack 87 win 34080 <nop,nop,timestamp 1834564878 58468605> (DF) [tos 0x10] 08:25:53.247500 ip240.cactuscom.com.ftp > 192.168.0.4.52430: P 87:115(28) ack 24 win 64217 <nop,nop,timestamp 58468619 1834564878> (DF) 08:25:53.248717 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 24:30(6) ack 115 win 34080 <nop,nop,timestamp 1834564878 58468619> (DF) [tos 0x10] 08:25:53.302550 ip240.cactuscom.com.ftp > 192.168.0.4.52430: P 115:143(28) ack 30 win 64211 <nop,nop,timestamp 58468620 1834564878> (DF) 08:25:53.304354 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 30:36(6) ack 143 win 34080 <nop,nop,timestamp 1834564878 58468620> (DF) [tos 0x10] 08:25:53.353697 ip240.cactuscom.com.ftp > 192.168.0.4.52430: P 143:179(36) ack 36 win 64205 <nop,nop,timestamp 58468620 1834564878> (DF) 08:25:53.355127 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 36:41(5) ack 179 win 34080 <nop,nop,timestamp 1834564878 58468620> (DF) [tos 0x10] 08:25:53.404732 ip240.cactuscom.com.ftp > 192.168.0.4.52430: P 179:216(37) ack 41 win 64200 <nop,nop,timestamp 58468621 1834564878> (DF) 08:25:53.484023 192.168.0.4.52430 > ip240.cactuscom.com.ftp: . ack 216 win 34080 <nop,nop,timestamp 1834564878 58468621> (DF) [tos 0x10] 08:26:01.205011 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 41:47(6) ack 216 win 34080 <nop,nop,timestamp 1834564894 58468621> (DF) [tos 0x10] 08:26:01.254114 ip240.cactuscom.com.ftp > 192.168.0.4.52430: P 216:252(36) ack 47 win 64194 <nop,nop,timestamp 58468699 1834564894> (DF) 08:26:01.260382 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 47:53(6) ack 252 win 34080 <nop,nop,timestamp 1834564894 58468699> (DF) [tos 0x10] 08:26:01.309957 ip240.cactuscom.com.ftp > 192.168.0.4.52430: P 252:303(51) ack 53 win 64188 <nop,nop,timestamp 58468700 1834564894> (DF) 08:26:01.313537 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460,nop,wscale 0,nop,nop,timestamp 1834564894 0> (DF) 08:26:01.484565 192.168.0.4.52430 > ip240.cactuscom.com.ftp: . ack 303 win 34080 <nop,nop,timestamp 1834564894 58468700> (DF) [tos 0x10] 08:26:04.088135 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460,nop,wscale 0,nop,nop,timestamp 1834564899 0> (DF) 08:26:07.088352 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460,nop,wscale 0,nop,nop,timestamp 1834564905 0> (DF) 08:26:10.088522 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460> (DF) 08:26:13.088676 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460> (DF) 08:26:16.088847 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460> (DF) 08:26:22.089235 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460> (DF) 08:26:34.089631 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460> (DF) 08:26:58.090452 192.168.0.4.52431 > ip240.cactuscom.com.2159: S 3102587044:3102587044(0) win 32768 <mss 1460> (DF) 08:27:16.091206 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 53:79(26) ack 303 win 34080 <nop,nop,timestamp 1834565044 58468700> (DF) [tos 0x10] 08:27:17.591019 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 53:79(26) ack 303 win 34080 <nop,nop,timestamp 1834565046 58468700> (DF) [tos 0x10] 08:27:20.591171 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 53:79(26) ack 303 win 34080 <nop,nop,timestamp 1834565052 58468700> (DF) [tos 0x10] 08:27:26.591495 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 53:79(26) ack 303 win 34080 <nop,nop,timestamp 1834565064 58468700> (DF) [tos 0x10] 08:27:38.591866 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 53:79(26) ack 303 win 34080 <nop,nop,timestamp 1834565088 58468700> (DF) [tos 0x10] 08:28:02.592603 192.168.0.4.52430 > ip240.cactuscom.com.ftp: P 53:79(26) ack 303 win 34080 <nop,nop,timestamp 1834565136 58468700> (DF) [tos 0x10] 08:28:16.090486 192.168.0.4.52430 > ip240.cactuscom.com.ftp: F 79:79(0) ack 303 win 34080 <nop,nop,timestamp 1834565163 58468700> (DF) [tos 0x10] 08:28:16.138659 ip240.cactuscom.com.ftp > 192.168.0.4.52430: . ack 53 win 64188 <nop,nop,timestamp 58470048 1834564894> (DF) 08:28:34.593517 192.168.0.4.52430 > ip240.cactuscom.com.ftp: FP 53:79(26) ack 303 win 34080 <nop,nop,timestamp 1834565200 58470048> (DF) [tos 0x10] -------------------- Just a reminder, somebody else from the office can't also connect to our ftp server. No firewall, no router. Straight connection. Something weird here... other than that...well i love Jaguar, can't wait for Panther :) Eric a.k.a. TaKeo |
Hi TaKeo
I do not see any packets coming back from the server trying to open a data connection to your machine Code:
Originally posted by TaKeo Code:
08:57:26.131393 strider.59223 > ip240.cactuscom.com.1942: S 2102151341:2102151341(0) win 65535 <mss 1452> (DF)Quote:
|
| All times are GMT -5. The time now is 07:41 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.