Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems

2011-07-05 Thread Mick
On Tuesday 05 Jul 2011 20:50:55 Paul Hartman wrote:
> On Tue, Jul 5, 2011 at 2:34 PM, Mick  wrote:
> > On Tuesday 05 Jul 2011 19:42:53 Paul Hartman wrote:
> >> On Tue, Jul 5, 2011 at 6:58 AM, Mick  wrote:
> >> > 200 Switching to ASCII mode.
> >> > tnftp: setsockopt SO_DEBUG (ignored): Permission denied
> >> > ---> EPSV
> >> > 229 Entering Extended Passive Mode (|||62430|)
> >> > 229 Entering Extended Passive Mode (|||62430|)
> >> 
> >> Don't use EPSV, use PASV instead, hopefully that will work.
> > 
> > I tried defining passive when in the session.  It was in passive by
> > default, so I had to toggle it back on again:
> > 
> > got remotecwd as `/'
> > ---> TYPE I
> > 200 Switching to Binary mode.
> > ftp> passive
> > Passive mode: off; fallback to active mode: off.
> > ftp> passive
> > Passive mode: on; fallback to active mode: on.
> > ftp> ls
> > ---> TYPE A
> > 200 Switching to ASCII mode.
> > tnftp: setsockopt SO_DEBUG (ignored): Permission denied
> > ---> EPSV
> > 229 Entering Extended Passive Mode (|||9832|)
> > 229 Entering Extended Passive Mode (|||9832|)
> > 
> > How can I control it to not go into extended passive?
> > 
> > PS. The server reports EPSV in its features, so I am not sure why it
> > would not work with EPSV.
> 
> FTP is the bastard protocol from hell. There are more ways it can go
> wrong than right. :) 

Yes, I can attest to this!  :@

> Firewalls especially love to silently rewrite FTP
> commands and port mappings. It can be a real PITA to debug. So, even
> if your client supports EPSV and your server supports EPSV, if
> firewall/router in-between does not then it could still break things.

I've turned off my machine's firewall thinking that all this passive/active 
malarkey was causing the problem, but couldn't do anything about the router's 
firewall.


> Even if you wireshark the session on your computer, what you see may
> not match what's being sent to the remote server, and vice-versa.
> 
> Standard PASV mode is much more widely supported than EPSV mode, so
> that's the line of thought that brought me to suggest trying that.
> 
> I've never used tnftp but from the manpage I googled, it looks like
> "epsv4 off " is the command to toggle EPSV off.

YES!  :-)

That's what was causing the problem, it was EPSV.  I assume that Konqueror 
switches it off and tnftp has it on by default.

Thank you very much.
-- 
Regards,
Mick


signature.asc
Description: This is a digitally signed message part.


Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems

2011-07-05 Thread Paul Hartman
On Tue, Jul 5, 2011 at 2:34 PM, Mick  wrote:
> On Tuesday 05 Jul 2011 19:42:53 Paul Hartman wrote:
>> On Tue, Jul 5, 2011 at 6:58 AM, Mick  wrote:
>> > 200 Switching to ASCII mode.
>> > tnftp: setsockopt SO_DEBUG (ignored): Permission denied
>> > ---> EPSV
>> > 229 Entering Extended Passive Mode (|||62430|)
>> > 229 Entering Extended Passive Mode (|||62430|)
>>
>> Don't use EPSV, use PASV instead, hopefully that will work.
>
> I tried defining passive when in the session.  It was in passive by default,
> so I had to toggle it back on again:
>
> got remotecwd as `/'
> ---> TYPE I
> 200 Switching to Binary mode.
> ftp> passive
> Passive mode: off; fallback to active mode: off.
> ftp> passive
> Passive mode: on; fallback to active mode: on.
> ftp> ls
> ---> TYPE A
> 200 Switching to ASCII mode.
> tnftp: setsockopt SO_DEBUG (ignored): Permission denied
> ---> EPSV
> 229 Entering Extended Passive Mode (|||9832|)
> 229 Entering Extended Passive Mode (|||9832|)
>
> How can I control it to not go into extended passive?
>
> PS. The server reports EPSV in its features, so I am not sure why it would not
> work with EPSV.

FTP is the bastard protocol from hell. There are more ways it can go
wrong than right. :) Firewalls especially love to silently rewrite FTP
commands and port mappings. It can be a real PITA to debug. So, even
if your client supports EPSV and your server supports EPSV, if
firewall/router in-between does not then it could still break things.
Even if you wireshark the session on your computer, what you see may
not match what's being sent to the remote server, and vice-versa.

Standard PASV mode is much more widely supported than EPSV mode, so
that's the line of thought that brought me to suggest trying that.

I've never used tnftp but from the manpage I googled, it looks like
"epsv4 off " is the command to toggle EPSV off.



Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems

2011-07-05 Thread Mick
On Tuesday 05 Jul 2011 19:42:53 Paul Hartman wrote:
> On Tue, Jul 5, 2011 at 6:58 AM, Mick  wrote:
> > 200 Switching to ASCII mode.
> > tnftp: setsockopt SO_DEBUG (ignored): Permission denied
> > ---> EPSV
> > 229 Entering Extended Passive Mode (|||62430|)
> > 229 Entering Extended Passive Mode (|||62430|)
> 
> Don't use EPSV, use PASV instead, hopefully that will work.

I tried defining passive when in the session.  It was in passive by default, 
so I had to toggle it back on again:

got remotecwd as `/'
---> TYPE I
200 Switching to Binary mode.
ftp> passive
Passive mode: off; fallback to active mode: off.
ftp> passive
Passive mode: on; fallback to active mode: on.
ftp> ls
---> TYPE A
200 Switching to ASCII mode.
tnftp: setsockopt SO_DEBUG (ignored): Permission denied
---> EPSV
229 Entering Extended Passive Mode (|||9832|)
229 Entering Extended Passive Mode (|||9832|)

How can I control it to not go into extended passive?

PS. The server reports EPSV in its features, so I am not sure why it would not 
work with EPSV.
-- 
Regards,
Mick


signature.asc
Description: This is a digitally signed message part.


Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems

2011-07-05 Thread Paul Hartman
On Tue, Jul 5, 2011 at 6:58 AM, Mick  wrote:
> 200 Switching to ASCII mode.
> tnftp: setsockopt SO_DEBUG (ignored): Permission denied
> ---> EPSV
> 229 Entering Extended Passive Mode (|||62430|)
> 229 Entering Extended Passive Mode (|||62430|)

Don't use EPSV, use PASV instead, hopefully that will work.



Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems

2011-07-05 Thread Michael Orlitzky
On 07/05/2011 11:29 AM, Mick wrote:
>>
>> log_ftp_protocol
>>
> 
> Thanks Michael, where am I supposed to set this up?  I do not have access to 
> the ftp server, or its logs.

Oh. It would have gone in vsftpd.conf.

Um, wireshark your FTP conversation?



Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems

2011-07-05 Thread Mick
On Tuesday 05 Jul 2011 14:48:24 Michael Orlitzky wrote:
> On 07/05/2011 07:58 AM, Mick wrote:
> > If I try the same thing with Konqueror there is no problem, I login and
> > Konqueror immediately lists the directory contents.  How can I see what
> > Konqueror's ftp client sends to and receives from the server?
> 
> log_ftp_protocol
> 
>   When enabled, all FTP requests and responses are logged, providing
>   the option xferlog_std_format is not enabled. Useful for debugging.
> 
>   Default: NO

Thanks Michael, where am I supposed to set this up?  I do not have access to 
the ftp server, or its logs.
-- 
Regards,
Mick


signature.asc
Description: This is a digitally signed message part.


Re: [gentoo-user] setsockopt SO_DEBUG - ftp connection problems

2011-07-05 Thread Michael Orlitzky
On 07/05/2011 07:58 AM, Mick wrote:
> 
> If I try the same thing with Konqueror there is no problem, I login and 
> Konqueror immediately lists the directory contents.  How can I see what 
> Konqueror's ftp client sends to and receives from the server?

log_ftp_protocol

  When enabled, all FTP requests and responses are logged, providing
  the option xferlog_std_format is not enabled. Useful for debugging.

  Default: NO