ftp and firewall problems

Discussion in 'Mac OS X 10.3 (Panther) Discussion' started by madru, Nov 24, 2003.

Most Liked Posts
  1. madru, Nov 24, 2003

    madru macrumors member

    Joined:
    Jun 11, 2003
    Location:
    Wa
    #1
    I noticed that when I start an ftp session to remote machine (both machines running 10.3), I can login, but I can't do much else. For example, entering 'ls' results in the following message,

    229 Entering Extended Passive Mode (|||49364|)

    Then, machine just sits there. However, If you disable the firewall, everything works fine. This tells me that the firewall is filtering the traffic on those extended ports (1024-65535), even if I tick an entry 'FTP Access' in Sys pref -> sharing -> firewall and 'Use Passive FTP Mode' in Sys pref -> Networking -> proxies.

    What am I missing? Has anyone else experienced this problem? ~ Thanks.
     
    share
    + Quote Reply
  2. tomf87, Nov 25, 2003

    tomf87 macrumors 65816

    tomf87

    Joined:
    Sep 10, 2003
    #2
    A little bit about passive and active modes in FTP:

    Active mode is where the data connection (ls, get, put, etc.) is generated from the FTP server to the client.

    Passive mode is where the data connection is generated from the client to the server.

    Now, from my understanding, the firewall built into Mac OS X is not stateful, meaning that it doesn't really realize an FTP session is happening.

    So the firewall on the client machine tries to create a new data connection to the FTP server, and the firewall on the FTP server drops the packet, since it doesn't realize the new connection is legitimate and related to the other FTP connection.

    I assume you just disabled the firewall on the FTP server?
     
    share
    + Quote Reply
(You must log in or sign up to post here.)

Share This Page