Opened 9 years ago

Closed 9 years ago

#10612 closed Bug report (rejected)

Fails to connect (retrieve directory listing) if Firewall is set above Minimum.

Reported by: Nikolai Petrovich Krakpotzky Owned by:
Priority: normal Component: FileZilla Client
Keywords: Fail to connect, Fail to retrieve directory listing, Firewall above Minimum Cc:
Component version: 3.12.0.2 Operating system type: Linux
Operating system version: 3.13.0-61-generic x86_64

Description

This has also happened on earlier versions.

Filezilla gives the message "Failed to retrieve directory listing" during connect. I can get around this by accessing my Cable Modem's Administrator function and changing my Firewall setting to "Minimum". I have to keep it at this level during the entire FileZilla session, through and including Disconnect.

Naturally, I do not appreciate having to leave myself vulnerable, even for a relatively short window. I'd prefer to keep the higher level set at all times.

The log, in its entirety, [minus the particulars of my site] reads:

Status:	Resolving address of [XXXXXXXXXX.XXX]
Status:	Connecting to [YY.YY.YY.YY]:21...
Status:	Connection established, waiting for welcome message...
Status:	Initializing TLS...
Status:	Verifying certificate...
Status:	TLS connection established.
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is your current location
Command:	TYPE I
Response:	200 TYPE is now 8-bit binary
Command:	PASV
Response:	227 Entering Passive Mode ([YY,YY,YY,YY],197,52)
Command:	MLSD
Error:	Connection timed out after 20 seconds of inactivity
Error:	Failed to retrieve directory listing
Status:	Disconnected from server

... and it repeats once, except the second time, one line is different:

Command:	PASV
Response:	227 Entering Passive Mode ([YY,YY,YY,YY],197,46)

This is the only web-site to which I connect.

I do not know if this is a function of FileZilla in general, of my site in particular, or of my Site Manager configuration.

As to the latter, I do not have a Port specified. I don't know if the ":21..." refers to the default port, or what the ",197,52" or "197,46" means.

I would like to know if:
(a) Specifying a particular Port number will clear up this problem. (And, if so, what port number?)
(b) This is a "Bug" or a Feature",
and
(c) If the former, can it be fixed?

Thank you.

Change History (2)

comment:1 by Nikolai Petrovich Krakpotzky, 9 years ago

Here's the log with Debug Level 3 set:

Status:	Resolving address of [XXXXXXXXXX.XXX]
Status:	Connecting to [YY.YY.YY.YY]:21...
Status:	Connection established, waiting for welcome message...
Trace:	CFtpControlSocket::OnReceive()
Response:	220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response:	220-You are user number 13 of 500 allowed.
Response:	220-Local time is now 14:04. Server port: 21.
Response:	220-This is a private system - No anonymous login
Response:	220 You will be disconnected after 3 minutes of inactivity.
Trace:	CFtpControlSocket::SendNextCommand()
Command:	AUTH TLS
Trace:	CFtpControlSocket::OnReceive()
Response:	234 AUTH TLS OK.
Status:	Initializing TLS...
Trace:	CTlsSocket::Handshake()
Trace:	CTlsSocket::ContinueHandshake()
Trace:	CTlsSocket::ContinueHandshake()
Trace:	CTlsSocket::ContinueHandshake()
Trace:	TLS Handshake successful
Trace:	Protocol: TLS1.0, Key exchange: RSA, Cipher: AES-256-CBC, MAC: SHA1
Status:	Verifying certificate...
Status:	TLS connection established.
Trace:	CFtpControlSocket::SendNextCommand()
Command:	USER paktorbiz
Trace:	CFtpControlSocket::OnReceive()
Response:	331 User paktorbiz OK. Password required
Trace:	CFtpControlSocket::SendNextCommand()
Command:	PASS ************
Trace:	CFtpControlSocket::OnReceive()
Response:	230 OK. Current restricted directory is /
Trace:	CFtpControlSocket::SendNextCommand()
Command:	OPTS UTF8 ON
Trace:	CFtpControlSocket::OnReceive()
Response:	200 OK, UTF-8 enabled
Trace:	CFtpControlSocket::SendNextCommand()
Command:	PBSZ 0
Trace:	CFtpControlSocket::OnReceive()
Response:	200 PBSZ=0
Trace:	CFtpControlSocket::SendNextCommand()
Command:	PROT P
Trace:	CFtpControlSocket::OnReceive()
Response:	200 Data protection level set to "private"
Status:	Connected
Trace:	CFtpControlSocket::ResetOperation(0)
Trace:	CControlSocket::ResetOperation(0)
Trace:	Measured latency of 60 ms
Status:	Retrieving directory listing of "/"...
Trace:	CFtpControlSocket::SendNextCommand()
Trace:	CFtpControlSocket::ChangeDirSend()
Command:	CWD /
Trace:	CFtpControlSocket::OnReceive()
Response:	250 OK. Current directory is /
Trace:	CFtpControlSocket::SendNextCommand()
Trace:	CFtpControlSocket::ChangeDirSend()
Command:	PWD
Trace:	CFtpControlSocket::OnReceive()
Response:	257 "/" is your current location
Trace:	CFtpControlSocket::ResetOperation(0)
Trace:	CControlSocket::ResetOperation(0)
Trace:	CFtpControlSocket::ParseSubcommandResult(0)
Trace:	CFtpControlSocket::ListSubcommandResult()
Trace:	CFtpControlSocket::SendNextCommand()
Trace:	CFtpControlSocket::TransferSend()
Command:	TYPE I
Trace:	CFtpControlSocket::OnReceive()
Response:	200 TYPE is now 8-bit binary
Trace:	CFtpControlSocket::TransferParseResponse()
Trace:	CFtpControlSocket::SendNextCommand()
Trace:	CFtpControlSocket::TransferSend()
Command:	PASV
Trace:	CFtpControlSocket::OnReceive()
Response:	227 Entering Passive Mode ([YY,YY,YY,YY],196,249)
Trace:	CFtpControlSocket::TransferParseResponse()
Trace:	CFtpControlSocket::SendNextCommand()
Trace:	CFtpControlSocket::TransferSend()
Command:	MLSD
Error:	Connection timed out after 20 seconds of inactivity
Trace:	CFtpControlSocket::ResetOperation(2114)
Trace:	CControlSocket::ResetOperation(2114)
Trace:	CFtpControlSocket::ResetOperation(2114)
Trace:	CControlSocket::ResetOperation(2114)
Error:	Failed to retrieve directory listing
Status:	Disconnected from server

Version 0, edited 9 years ago by Nikolai Petrovich Krakpotzky (next)

comment:2 by Tim Kosse, 9 years ago

Resolution: rejected
Status: newclosed

Not a bug in FileZilla. As you said yourself, it works if you don't tell your firewall to disrupt too much common Internet functionality.

In other words, broken firewall, you should leave it disabled. Please contact your firewall vendor for assistance.

Note: See TracTickets for help on using tickets.