{"id":197,"date":"2020-06-13T19:49:10","date_gmt":"2020-06-13T18:49:10","guid":{"rendered":"https:\/\/blog.thomarite.uk\/?p=197"},"modified":"2020-06-13T19:49:10","modified_gmt":"2020-06-13T18:49:10","slug":"ftp-passive","status":"publish","type":"post","link":"https:\/\/blog.thomarite.uk\/index.php\/2020\/06\/13\/ftp-passive\/","title":{"rendered":"FTP Passive"},"content":{"rendered":"\n

I have a supplier at my employer that requires to use a FTP server to send big files when you open a support ticket. For a long time (a couple of years) whenever I had to upload big files, I had to use my personal VM because my ftp connections failed from the office. I always blamed the super-smart firewall.<\/p>\n\n\n\n

One day, I decided to fix the issue and allow the connection in our corporate firewall. I failed. Still couldnt upload files from the office. So keep using my personal VM.<\/p>\n\n\n\n

This week I had to upload again a big file. This time I am working from home, so pretty much it is going to work the upload. Wrong! It fails. Ok, I checked a bit and got to the conclusion that it is my ISP or modem at home that is blocking FTP. Most ISP use CGN<\/a> to stretch as much as possible the limited IPv4. I have IPv6 at home and my VM has IPv6 too… but the ftp server doesnt.<\/p>\n\n\n\n

I checked the internet if there was any know issue with my ISP and FTP connections. No luck. I connected to my modem, nothing obvious messing around with FTP.<\/p>\n\n\n\n

I decided to give it a proper go to this issue. I knew that it worked from my VM and it didnt from home. I noticed that I was running the same ftp client version in the VM and at home. So let’s debug the ftp client and take a packet capture in both locations.<\/p>\n\n\n\n

CLI from the VM:<\/p>\n\n\n\n

$ ftp -vd b.b.b.b\nftp: setsockopt: Bad file descriptor\nName: ftp\n---> USER ftp\n331 Please specify the password.\nPassword:\n---> PASS XXXX\n230 Login successful.\n---> SYST\n215 UNIX Type: L8\nRemote system type is UNIX.\nUsing binary mode to transfer files.\nftp> cd support\n---> CWD support\n250 Directory successfully changed.\nftp> cd 211211\n---> CWD 211211\n250 Directory successfully changed.\nftp> put TEST.txt\nlocal: TEST.txt remote: TEST.txt\n---> TYPE I\n200 Switching to Binary mode.\nftp: setsockopt (ignored): Permission denied\n---> PORT a,a,a,a,162,57\n200 PORT command successful. Consider using PASV.\n---> STOR TEST.txt\n150 Ok to send data.\n226 Transfer complete.\n28 bytes sent in 0.00 secs (854.4922 kB\/s)\nftp> quit\n---> QUIT<\/pre>\n\n\n\n
And this is the packet capture:<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
After typing “put” in packet 33, I see a “PASV” message from the server and a new connection (initiated by the server!) is established for the data transfer. All good.<\/p>\n\n\n\n
So now, make the same from home and compare.<\/p>\n\n\n\n
CLI from home without debug:<\/p>\n\n\n\n
$ ftp b.b.b.b\nConnected to b.b.b.b.\nName: ftp\n331 Please specify the password.\nPassword:\n230 Login successful.\nRemote system type is UNIX.\nUsing binary mode to transfer files.\nftp> cd support\n250 Directory successfully changed.\nftp> cd 211211\n250 Directory successfully changed.\nftp> put TEST.txt\nlocal: TEST.txt remote: TEST.txt\n500 Illegal PORT command.\nftp: bind: Address already in use\nftp> quit\n221 Goodbye.<\/pre>\n\n\n\n
CLI from home with debug:<\/p>\n\n\n\n
$ ftp -vd b.b.b.b\nftp: setsockopt: Bad file descriptor\nName: ftp\n---> USER ftp\n331 Please specify the password.\nPassword:\n---> PASS XXXX\n230 Login successful.\n---> SYST\n215 UNIX Type: L8\nRemote system type is UNIX.\nUsing binary mode to transfer files.\nftp> cd support\n---> CWD support\n250 Directory successfully changed.\nftp> cd 211211\n---> CWD 211211\n250 Directory successfully changed.\nftp> put TEST.txt\nlocal: TEST.txt remote: TEST.txt\n---> TYPE I\n200 Switching to Binary mode.\nftp: setsockopt (ignored): Permission denied\n---> PORT 192,168,1,158,202,145\n500 Illegal PORT command.\nftp: bind: Address already in use\nftp> quit\n---> QUIT\n221 Goodbye.<\/pre>\n\n\n\n
So with and without debug I keep seeing “ftp: bind: Address already in use”…..<\/p>\n\n\n\n
And this is the packet capture from home:<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
So after I type “put” in packet 32, the answer from the server is a “500”.<\/p>\n\n\n\n
I wasnt clearly paying attention to the clues. I was still banging my head why the server was sending a “500 Ilegal PORT command”.<\/p>\n\n\n\n
I was comparing both captures and both debug outputs… but still didnt it.<\/p>\n\n\n\n
I thought I understood FTP. I knew that you use port TCP 21 to establish the control session and the data session \/ transfer is via new TCP session using a random port. That’s one of the reasons that using NAT or CGN can screw up your FTP sessions.<\/p>\n\n\n\n
So I assumed that the issues wasnt my ISP. So it had to be my side (or me).<\/p>\n\n\n\n
So finally, I decided to search for “ftp: bind: Address already in use” as it was the message that came up with and without debugging.<\/p>\n\n\n\n
Oh boy, first entry in the face!<\/p>\n\n\n\n
https:\/\/www.linuxquestions.org\/questions\/linux-distributions-5\/problems-with-ftp-server-bind-address-allready-in-use-213509\/<\/a><\/p>\n\n\n\n
An entry from 2004…. it can’t fix my problem for sure…. keep reading and update from 2020… it says it works…. oh boy II<\/p>\n\n\n\n
try using a passive connection with \"ftp -p\" instead, see if it helps...<\/pre>\n\n\n\n
There we go:<\/p>\n\n\n\n
$ ftp -vdp b.b.b.b\nftp: setsockopt: Bad file descriptor\nName: ftp\n---> USER ftp\n331 Please specify the password.\nPassword:\n---> PASS XXXX\n230 Login successful.\n---> SYST\n215 UNIX Type: L8\nRemote system type is UNIX.\nUsing binary mode to transfer files.\nftp> cd support\n---> CWD support\n250 Directory successfully changed.\nftp> cd 211211\n---> CWD 211211\n250 Directory successfully changed.\nftp> put TEST.txt\nlocal: TEST.txt remote: TEST.txt\n---> TYPE I\n200 Switching to Binary mode.\nftp: setsockopt (ignored): Permission denied\n---> PASV\n227 Entering Passive Mode (b,b,b,b,46,248).\n---> STOR TEST.txt\n150 Ok to send data.\n226 Transfer complete.\n26 bytes sent in 0.00 secs (12.5386 kB\/s)\nftp> quit\n---> QUIT\n221 Goodbye.<\/pre>\n\n\n\n
it worked !!!<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
I felt embarrassed.  Time to search for FTP passive vs active…<\/p>\n\n\n\n
\n
What is the Difference Between Active and Passive FTP?<\/a><\/blockquote>