Opened 21 years ago
Last modified 21 years ago
#1934 closed Feature request
FileZilla Client - PASV Mode remote port range specifier
Reported by: | anonymous | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | Other |
Keywords: | Cc: | Tim Kosse | |
Component version: | Operating system type: | ||
Operating system version: |
Description
Given the fact that most users are behind some sort of
firewall or NAT setup, they are left with Passive mode
for FTP transfers. If the server itself is also behind
a NAT or firewall, then this causes major problems with
Passive mode as well unless you want to put the server
in a "DMZ." A sure-fire method of fixing this while
still keeping both client and server behind firewalls
is to only allow a fixed number data channel ports to
be forwarded/unfiltered to the server while keeping it
firewalled/NAT'd and out of the DMZ. The server
administrator could configure however many ports they
wish, but then the client software also needs to be
aware of the exact remote ports that are being
forwarded so that the ports will not be blocked when
building the data channel.
This feature would only apply to the clients when in
Passive mode. It would also only apply to the remote
port relative to the client, not the locals one. A
configurable range would be great, it would also be
advisable to have it site specific, not global, since
different sites may use different firewall rules.
Hosting an FTP server behind a firewall/NAT device has
always been a pain in the ass. This functionality
would make it much easier for both the admin and
client. Thanks.
John Urbanek
jurbanek AT uwm DOT edu
Change History (2)
comment:1 by , 21 years ago
comment:2 by , 21 years ago
This feature has already been implemented in both FileZilla
and FileZilla Server. You can specify which ports to use in
passive mode.
Logged In: NO
This is John, author of the above feature request. After
spending time researching this problem and solution further
(and reading more about PASV mode FTP) this feature request
should be ignored. The functionality required to fulfill my
request should (and is) be implemented in the FTP server
itself. I apologize for requesting a feature when I did not
have a true understanding of the problem at hand.
Like mentioned earlier, this functionality is best left to
the FTP server itself (Pure FTP supports this for example).
Ignore my above request.
Thanks.
John Urbanek
jurbanek AT uwm DOT edu