Opened 21 years ago
Last modified 17 years ago
#2011 closed Feature request
Allow a specific range of ports to use for PASV connection
Reported by: | rickst29 | Owned by: | Alexander Schuch |
---|---|---|---|
Priority: | normal | Component: | FileZilla Client |
Keywords: | Cc: | rickst29, Alexander Schuch, twelvebaud | |
Component version: | Operating system type: | ||
Operating system version: |
Description
It seems that I must currently set my firewall to allow
outgoing connections on ANY port > 1024. Could we
please allow the user to specify a limited range of
ports for Filezilla Client to use, allowing the
firewall to be configured more tightly? Maybe the GUI
could be integrated with Feature Request 875817, also
related to PASV connections. And, my thanks for this
great software!
Change History (3)
comment:1 by , 21 years ago
comment:2 by , 17 years ago
Can you please be a little more specific?
As already mentioned, the FTP server commands the FTP client where to connect to (using passive mode) and expects the FTP client to connect to the given host address and port number in order to establish a transfer connection.
I am not much into firewalls myself, but I haven't seen a firewall which checks the source port of a connection - all firewalls I used only checked the target port (and host address).
If you are talking about active mode, FileZilla 3 can be configured to take the ports it uses from a given port range.
comment:3 by , 17 years ago
This Tracker item was closed automatically by the system. It was
previously set to a Pending status, and the original submitter
did not respond within 14 days (the time period specified by
the administrator of this Tracker).
Target ports on the target server are set by the server, not
the client. Also, for the local end of the connection, ports are
randomly given out by the OS. You would have to set your
firewall to allow outgoing connections on ANY port > 1024
anyway. In theory it is possible to request a specific local
port for outgoing connections, but it's much more difficult to
program, and is not available with any free WinSock
marshaller I know of and thus must be manually programmed.
If you have a software firewall, post the product name and
publisher and I'll see if I can disinter some documentation
about how to set settings per program, so you can keep your
other outgoing ports closed. I know for a fact that BlackIce
PC Defender by ISS does this.