cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: FTP_IGNORE_PASSIV_IP

From: Dan Fandrich <dan_at_coneharvesters.com>
Date: Thu, 23 Sep 2004 17:42:38 -0700

On Thu, Sep 23, 2004 at 07:14:47PM -0400, ED_Hingsbergen_at_cisgi.com wrote:
>
> I don't understand how it's wildly misconfigured. Although I agree that it

The server is providing the wrong address to the client. That's a bug.

> would be best if the FTPS host was advertising the public IP address in the
> PASV response, that host has no reliable way of knowing what the public IP
> address is. Their FTPS server is reporting its actual (private) IP address,

There are a number of ways for the FTPS host to find out the public IP
address to which incoming connections should go. In this case, the address
may be static, or the FTPS host could use SOCKS or UPnP to connect to the
firewall and get the address that way.

> but the host is being accessed through the Internet via a NAT firewall. I
> agree it is a shortcoming of the server, but do you know of a server that
> has an option to report its IP address as something other than the host IP?

I don't know if any ftp servers that can actually cope with this kind of
network setup, but this arrangement seems a bit odd to me. There's no
technical reason an ftp server couldn't do this.

> (Not that the vendors whose sites I am accessing could or would change
> their server software)

Why bother when you can get the clients to work around your misconfiguration
for you?

> Thanks for the feedback!

Have you considered avoiding PASV mode in your application? If your machine
is not behind its own NAT firewall, you should be able to use an unmodified
curl to communicate.

>>> Dan

-- 
http://www.MoveAnnouncer.com              The web change of address service
          Let webmasters know that your web site has moved
Received on 2004-09-24