The last two numbers give the port information to the client so the client can connect back to the server for sending/receiving data. The actual port number is calculated using (256*n1) + n2. Of course, this is the standard syntax defined in the FTP protocol.
Regards, Sai Pullabhotla On Fri, Mar 12, 2010 at 8:21 AM, Aidan Diffey <[email protected]> wrote: > Just out of interest, what do the numbers mean in the line: > > *227 Entering Passive Mode (10,101,64,144,173,138)* > > I can see the 10 101 64 144 is the IP address of the server, but what about > the 173, 138 numbers? > > On Fri, Mar 12, 2010 at 2:07 PM, Aidan Diffey > <[email protected]>wrote: > >> Sorry, that IP tables entry should have been: >> >> >> *DNAT tcp -- anywhere anywhere tcp dpt:ftp >> to:10.101.64.144:10121 >> * >> >> >> >> On Fri, Mar 12, 2010 at 1:56 PM, Niklas Gustavsson >> <[email protected]>wrote: >> >>> On Fri, Mar 12, 2010 at 2:46 PM, Niklas Gustavsson <[email protected]> >>> wrote: >>> > In these case, are you really running behind iptables? Because, it >>> > struck me that since you map the ports, the client will try to connect >>> > to the server on 10120 since that's what the server told him to do in >>> > the response to the PASV command. He will not know to connect on port >>> > 20. >>> >>> That being said, we currently support providing an "external" IP >>> address for passive connection, for use when we're behind a NAT. But, >>> we do not support providing an "external" port, for this kind of use. >>> We surely could, if people are really interested in port mapping >>> passive connections. I doubt it is that useful, but who knows :-) >>> >>> /niklas >>> >> >> >
