Opened 6 months ago
#13100 new Bug report
Prefer EPSV mode over PASV
Reported by: | Fr0sT | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | FileZilla Client |
Keywords: | Cc: | ||
Component version: | 3.67.0 | Operating system type: | Windows |
Operating system version: | 7 |
Description
Would be nice if FZ preferred EPSV command over PASV to handle complicated network setups where IP reported in answer to PASV could be incorrect.
Here's the log of trying to connect to a server (FZ 3.67.0 @ Windows => vsftpd 3.0.3 @ Debian)
15:51:10 Status: Connecting to 172.1.2.3:21... 15:51:10 Status: Connection established, waiting for welcome message... 15:51:10 Response: 220 Welcome to FTP service 15:51:10 Command: AUTH TLS 15:51:10 Response: 530 Please login with USER and PASS. 15:51:10 Command: AUTH SSL 15:51:10 Response: 530 Please login with USER and PASS. 15:51:10 Status: Insecure server, it does not support FTP over TLS. 15:51:10 Command: USER ftp 15:51:10 Response: 331 Please specify the password. 15:51:10 Command: PASS ********** 15:51:11 Response: 230 Login successful. 15:51:11 Command: SYST 15:51:11 Response: 215 UNIX Type: L8 15:51:11 Command: FEAT 15:51:11 Response: 211-Features: 15:51:11 Response: EPRT 15:51:11 Response: EPSV 15:51:11 Response: MDTM 15:51:11 Response: PASV 15:51:11 Response: REST STREAM 15:51:11 Response: SIZE 15:51:11 Response: TVFS 15:51:11 Response: 211 End 15:51:11 Status: Server does not support non-ASCII characters. 15:51:11 Status: Logged in 15:51:12 Status: Retrieving directory listing... 15:51:12 Command: PWD 15:51:12 Response: 257 "/" is the current directory 15:51:12 Command: TYPE I 15:51:12 Response: 200 Switching to Binary mode. 15:51:12 Command: PASV 15:51:12 Response: 227 Entering Passive Mode (172,17,0,2,39,156). 15:51:12 Command: LIST 15:51:22 Response: 425 Failed to establish connection.
Note that server reports another IP because of network config. This issue won't happen with EPSV command as the main IP would be used for data connection.
Any of these options would help:
- Always prefer EPSV over PASV
- Make it optional (server-level or app-level)
- Try EPSV if IP reported by PASV is unreachable
- Try IP of control channel if IP reported by PASV is unreachable (this, I guess, is cool option anyway because it could bypass many issues with improperly configured FTP servers)
Note:
See TracTickets
for help on using tickets.