Thanks for the detailed analysis, Michael.
On 2/5/11 3:16:18 PM, Michael Wood wrote:
Have you tried "--ftp-port -" with the servers you need to talk to?
Are you always running this from the same client or are multiple
clients involved? If multiple clients are involved, then the firewall
on the client becomes more important when using --ftp-port, because
the server will have to make a connection back to the client and the
client's firewall might not allow the incoming connection from the
server.
Yes, I did try active mode ("--ftp-port -") just in case, and it didn't
work with the servers that dislike EPSV. It just gets to this point and
hangs there:
* Connect data stream actively
> TYPE A
< 200 TYPE is now ASCII
> LIST
I did some research and it's a known issue with the active mode.
Anyway I thought that active mode is a thing of the past and used very
rarely (that's at least my experience). Some 3 years ago I worked at a
large Canadian ad agency and we had over a thousand FTP destinations
(publications, service providers etc.), and only 2 or 3 required active
mode. With the current project I only heard about one site that required
active mode in the last 2 years.
That's also why I doubt that other FTP clients use active mode. As far
as I understand, passive mode is the widely accepted default.
I LOVE curl, but obviously I want to understand why I can't achieve
something that other FTP clients can - and if I can achieve this, then what
am I doing wrong?
Well in order to answer that question, it is necessary to find out
what these other FTP clients are doing differently. Perhaps you can
capture the network traffic between the client and server when running
these other FTP clients and use Wireshark to see what they do
differently from libcurl.
Here's two Cyberduck logs for the servers I described before. Cyberduck
connects to both of them instantly.
Do these logs help understanding anything?
1. This server doesn't like EPSV:
220 FTP Server 205 ready.
FEAT
211-Features:
EPRT
EPSV
MDTM
PASV
REST STREAM
SIZE
TVFS
211 End
USER FBISP
331 Please specify the password.
PASS ********
230 Login successful.
PWD
257 "/"
NOOP
200 NOOP ok.
SYST
215 UNIX Type: L8
STAT /
213-Status follows:
-rw-r--r-- 1 ftp ftp 283240 Nov 20 17:02
.pureftpd-upload.4ce7eeed.15.245f.5858c934
drwxr-xr-x 2 ftp ftp 1024 Feb 06 06:30
starpress_ball_des_sports
213 End of status
2. This server only likes EPSV and dislikes PASV:
220 ----------------------- xeen3d -------------------------
FEAT
211-Extended features supported:
LANG EN*
UTF8
AUTH TLS;TLS-C;SSL;TLS-P;
PBSZ
PROT C;P;
CCC
HOST
SIZE
MDTM
REST STREAM
211 END
USER ftptest
331 Password required for ftptest.
PASS ********
230-Welcome to xeen3d FTP Server
Directory has 28,280,451,072 bytes of disk space available.
230 User logged in.
OPTS UTF8 ON
200 OPTS UTF8 command successful - UTF8 encoding now ON.
PWD
257 "/" is current directory.
NOOP
200 NOOP command successful.
SYST
215 Windows_NT
STAT /
213-status of /:
drwxrwxrwx 1 owner group 0 Dec 11 2010
aspnet_client
-rwxrwxrwx 1 owner group 76464 Dec 8 2008
nosferatu.php
-rwxrwxrwx 1 owner group 930 Jan 3 0:10 web.config
213 End of status.
As a last test, I tried to connect with Firefox, and it could not
connect to the site that requires EPSV - which makes me think that
whatever FTP engine Firefox uses, it has EPSV disabled by default.
You could try contacting the people who look after the network where
each server lives and convince them that there is a problem and hope
they fix it. You could also try using --ftp-port and see if that
helps. Otherwise you could build up a list of known servers and the
options that are known to work with them and then be prepared to
update that list when things change. You could perhaps update the
list automatically if you detect a timeout with EPSV for a particular
server and that PASV works for example
Am I missing something? (BTW, the same question applies to
choosing between passive and active mode).
Indeed :)
Thanks - so at this point, I think that I'll just do this:
-Disable EPSV by default: it looks like it will work in almost all cases.
-Hardcode that one site that requires EPSV and the one that requires
active mode.
Not very elegant, but if it works for now...
I may also add a pop-up menu with 3 connection mode choices:
Default
Passive (EPSV)
Active
and advise users to try to change the mode if the connection could not
be established.
But still I'm curious if those Cyberduck logs help understand how it
connects to both sites seemingly automatically?
Thanks,
Leo
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
