Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems
On Tuesday 05 Jul 2011 20:50:55 Paul Hartman wrote: > On Tue, Jul 5, 2011 at 2:34 PM, Mick wrote: > > On Tuesday 05 Jul 2011 19:42:53 Paul Hartman wrote: > >> On Tue, Jul 5, 2011 at 6:58 AM, Mick wrote: > >> > 200 Switching to ASCII mode. > >> > tnftp: setsockopt SO_DEBUG (ignored): Permission denied > >> > ---> EPSV > >> > 229 Entering Extended Passive Mode (|||62430|) > >> > 229 Entering Extended Passive Mode (|||62430|) > >> > >> Don't use EPSV, use PASV instead, hopefully that will work. > > > > I tried defining passive when in the session. It was in passive by > > default, so I had to toggle it back on again: > > > > got remotecwd as `/' > > ---> TYPE I > > 200 Switching to Binary mode. > > ftp> passive > > Passive mode: off; fallback to active mode: off. > > ftp> passive > > Passive mode: on; fallback to active mode: on. > > ftp> ls > > ---> TYPE A > > 200 Switching to ASCII mode. > > tnftp: setsockopt SO_DEBUG (ignored): Permission denied > > ---> EPSV > > 229 Entering Extended Passive Mode (|||9832|) > > 229 Entering Extended Passive Mode (|||9832|) > > > > How can I control it to not go into extended passive? > > > > PS. The server reports EPSV in its features, so I am not sure why it > > would not work with EPSV. > > FTP is the bastard protocol from hell. There are more ways it can go > wrong than right. :) Yes, I can attest to this! :@ > Firewalls especially love to silently rewrite FTP > commands and port mappings. It can be a real PITA to debug. So, even > if your client supports EPSV and your server supports EPSV, if > firewall/router in-between does not then it could still break things. I've turned off my machine's firewall thinking that all this passive/active malarkey was causing the problem, but couldn't do anything about the router's firewall. > Even if you wireshark the session on your computer, what you see may > not match what's being sent to the remote server, and vice-versa. > > Standard PASV mode is much more widely supported than EPSV mode, so > that's the line of thought that brought me to suggest trying that. > > I've never used tnftp but from the manpage I googled, it looks like > "epsv4 off " is the command to toggle EPSV off. YES! :-) That's what was causing the problem, it was EPSV. I assume that Konqueror switches it off and tnftp has it on by default. Thank you very much. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems
On Tue, Jul 5, 2011 at 2:34 PM, Mick wrote: > On Tuesday 05 Jul 2011 19:42:53 Paul Hartman wrote: >> On Tue, Jul 5, 2011 at 6:58 AM, Mick wrote: >> > 200 Switching to ASCII mode. >> > tnftp: setsockopt SO_DEBUG (ignored): Permission denied >> > ---> EPSV >> > 229 Entering Extended Passive Mode (|||62430|) >> > 229 Entering Extended Passive Mode (|||62430|) >> >> Don't use EPSV, use PASV instead, hopefully that will work. > > I tried defining passive when in the session. It was in passive by default, > so I had to toggle it back on again: > > got remotecwd as `/' > ---> TYPE I > 200 Switching to Binary mode. > ftp> passive > Passive mode: off; fallback to active mode: off. > ftp> passive > Passive mode: on; fallback to active mode: on. > ftp> ls > ---> TYPE A > 200 Switching to ASCII mode. > tnftp: setsockopt SO_DEBUG (ignored): Permission denied > ---> EPSV > 229 Entering Extended Passive Mode (|||9832|) > 229 Entering Extended Passive Mode (|||9832|) > > How can I control it to not go into extended passive? > > PS. The server reports EPSV in its features, so I am not sure why it would not > work with EPSV. FTP is the bastard protocol from hell. There are more ways it can go wrong than right. :) Firewalls especially love to silently rewrite FTP commands and port mappings. It can be a real PITA to debug. So, even if your client supports EPSV and your server supports EPSV, if firewall/router in-between does not then it could still break things. Even if you wireshark the session on your computer, what you see may not match what's being sent to the remote server, and vice-versa. Standard PASV mode is much more widely supported than EPSV mode, so that's the line of thought that brought me to suggest trying that. I've never used tnftp but from the manpage I googled, it looks like "epsv4 off " is the command to toggle EPSV off.
Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems
On Tuesday 05 Jul 2011 19:42:53 Paul Hartman wrote: > On Tue, Jul 5, 2011 at 6:58 AM, Mick wrote: > > 200 Switching to ASCII mode. > > tnftp: setsockopt SO_DEBUG (ignored): Permission denied > > ---> EPSV > > 229 Entering Extended Passive Mode (|||62430|) > > 229 Entering Extended Passive Mode (|||62430|) > > Don't use EPSV, use PASV instead, hopefully that will work. I tried defining passive when in the session. It was in passive by default, so I had to toggle it back on again: got remotecwd as `/' ---> TYPE I 200 Switching to Binary mode. ftp> passive Passive mode: off; fallback to active mode: off. ftp> passive Passive mode: on; fallback to active mode: on. ftp> ls ---> TYPE A 200 Switching to ASCII mode. tnftp: setsockopt SO_DEBUG (ignored): Permission denied ---> EPSV 229 Entering Extended Passive Mode (|||9832|) 229 Entering Extended Passive Mode (|||9832|) How can I control it to not go into extended passive? PS. The server reports EPSV in its features, so I am not sure why it would not work with EPSV. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems
On Tue, Jul 5, 2011 at 6:58 AM, Mick wrote: > 200 Switching to ASCII mode. > tnftp: setsockopt SO_DEBUG (ignored): Permission denied > ---> EPSV > 229 Entering Extended Passive Mode (|||62430|) > 229 Entering Extended Passive Mode (|||62430|) Don't use EPSV, use PASV instead, hopefully that will work.
Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems
On 07/05/2011 11:29 AM, Mick wrote: >> >> log_ftp_protocol >> > > Thanks Michael, where am I supposed to set this up? I do not have access to > the ftp server, or its logs. Oh. It would have gone in vsftpd.conf. Um, wireshark your FTP conversation?
Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems
On Tuesday 05 Jul 2011 14:48:24 Michael Orlitzky wrote: > On 07/05/2011 07:58 AM, Mick wrote: > > If I try the same thing with Konqueror there is no problem, I login and > > Konqueror immediately lists the directory contents. How can I see what > > Konqueror's ftp client sends to and receives from the server? > > log_ftp_protocol > > When enabled, all FTP requests and responses are logged, providing > the option xferlog_std_format is not enabled. Useful for debugging. > > Default: NO Thanks Michael, where am I supposed to set this up? I do not have access to the ftp server, or its logs. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems
On 07/05/2011 07:58 AM, Mick wrote: > > If I try the same thing with Konqueror there is no problem, I login and > Konqueror immediately lists the directory contents. How can I see what > Konqueror's ftp client sends to and receives from the server? log_ftp_protocol When enabled, all FTP requests and responses are logged, providing the option xferlog_std_format is not enabled. Useful for debugging. Default: NO