FTP issue

Hi,

Normally i use SmartFTP for my FTP needs, but now and then i use the built in one from DO. There is one site I go to, that no matter what I try will never work with DO. The log is below. I set it to Explicit SSL on port 990, the same way it is configured in SmartFTP, yet nothing.

Any ideas where I am going wrong?

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 5 allowed.
220-Local time is now 13:52. Server port: 990.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
234 AUTH TLS OK.
331 User fathertime OK. Password required
230-User fathertime has group access to: fatherti
230 OK. Current restricted directory is /
200 PBSZ=0
534 Fallback to [C]
215 UNIX Type: L8
211-Extensions supported:
EPRT
IDLE
MDTM
SIZE
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
MLSD
TVFS
ESTP
PASV
EPSV
SPSV
ESTA
AUTH TLS
PBSZ
PROT
211 End.
200 TYPE is now 8-bit binary
257 "/" is your current location
500 I won't open a connection to 192.168.0.195 (only to 74.56.37.216)

Looks like you need to turn on passive (PASV) mode.

When I do that, i get the following:

Opening Connection www.fathertime.ws:990
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 5 allowed.
220-Local time is now 15:07. Server port: 990.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
234 AUTH TLS OK.
331 User fathertime OK. Password required
230-User fathertime has group access to: fatherti
230 OK. Current restricted directory is /
200 PBSZ=0
534 Fallback to [C]
215 UNIX Type: L8
211-Extensions supported:
EPRT
IDLE
MDTM
SIZE
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
MLSD
TVFS
ESTP
PASV
EPSV
SPSV
ESTA
AUTH TLS
PBSZ
PROT
211 End.
200 TYPE is now 8-bit binary
257 "/" is your current location
227 Entering Passive Mode (82,94,247,110,38,163)
150 Accepted data connection
RecvList() - [0] No Error
** WSA returns ERROR **
RecvList() - WSAECONNRESET: Connection reset by peer
FD_CLOSE - WSAECONNABORTED: Software caused connection abort
226-ASCII
226-Options: -a -F -l
226 8 matches total

Can you tell if SmartFTP is using PASV mode or not?

In your first log the error, I won't open a connection to 192.168.0.195 (only to 74.56.37.216), is because your PC is connected to the Internet through NAT and the computers IP address (192.168.0.195) only has meaning on the LAN while on the Internet it appears (through NAT) to be 74.56.37.216 (which is presumably a router or firewall). Even if Opus told the server the external IP address this would probably never work because the data connection would be made to the router/firewall which probably would not know what to do with it or which machine to forward it on to. (I'm not an expert at this so I might be wrong.)

In the second log the error seems to be that one of the machines (or a firewall between them) won't allow the connection to be made in that direction (or perhaps to the chosen port).

Maybe this is relevant?

jeanmatthieu.free.fr/pureftpd/doc/adv/rm/nf.html

I don't know whether or not Opus uses the newer EPSV command which confuses the firewall mentioned but if it does then that could explain it.

PASV is enabled in smartFTP.... Below is the log from SmartFTP

[07:27:57] 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
[07:27:57] 220-You are user number 1 of 5 allowed.
[07:27:57] 220-Local time is now 13:31. Server port: 990.
[07:27:57] 220-This is a private system - No anonymous login
[07:27:57] 220 You will be disconnected after 15 minutes of inactivity.
[07:27:57] AUTH TLS
[07:27:57] 234 AUTH TLS OK.
[07:27:57] Connected. Exchanging encryption keys...
[07:27:57] Session Cipher: 128 bit RC4
[07:27:57] TLS encrypted session established.
[07:27:57] PBSZ 0
[07:27:57] 200 PBSZ=0
[07:27:57] USER fathertime
[07:27:57] 331 User fathertime OK. Password required
[07:27:57] PASS (hidden)
[07:27:57] 230-User fathertime has group access to: fatherti
[07:27:58] 230 OK. Current restricted directory is /
[07:27:58] SYST
[07:27:58] 215 UNIX Type: L8
[07:27:58] Detected Server Type: UNIX
[07:27:58] FEAT
[07:27:58] 211-Extensions supported:
[07:27:58] EPRT
[07:27:58] IDLE
[07:27:58] MDTM
[07:27:58] SIZE
[07:27:58] REST STREAM
[07:27:58] MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
[07:27:58] MLSD
[07:27:58] TVFS
[07:27:58] ESTP
[07:27:58] PASV
[07:27:58] EPSV
[07:27:58] SPSV
[07:27:58] ESTA
[07:27:58] AUTH TLS
[07:27:58] PBSZ
[07:27:58] PROT
[07:27:58] 211 End.
[07:27:58] Detected Server Software: PureFTPd
[07:27:58] PWD
[07:27:58] 257 "/" is your current location
[07:27:58] TYPE A
[07:27:58] 200 TYPE is now ASCII
[07:27:58] PROT P
[07:27:58] 534 Fallback to [C]
[07:27:58] PROT C
[07:27:59] 200 OK
[07:27:59] PASV
[07:27:59] 227 Entering Passive Mode (82,94,247,110,38,172)
[07:27:59] Opening data connection to 82.94.247.110 Port: 9900
[07:27:59] MLSD
[07:27:59] 150 Accepted data connection
[07:27:59] 322 bytes transferred. (2.88 KB/s) (109 ms)
[07:27:59] 226-Options: -l
[07:27:59] 226 3 matches total

In the FTP Address Book, on the Display tab, could you enable the Log: debug option and try to connect again in passive mode?

That should make Opus log the commands it sends to the server as well as the responses which will tell us if it's likely to be the EPSV issue.

here is the advanced logging as requested

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 5 allowed.
220-Local time is now 16:49. Server port: 990.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
--> AUTH TLS
234 AUTH TLS OK.
Establishing SSL Ctrl Connection
TLS/SSL connection established.
[TLSv1/SSLv3, cipher AES256-SHA, 256 bits]
LB Enterprises
ftp.lb-enterprises.com
sysadmin@lb-enterprises.com
NL
Noord-Holland
Amsterdam
LB Enterprises
LB Enterprises
Valid From: 2005-1-20 12:48:2 To: 2005-2-19 12:48:2
--> USER fathertime
331 User fathertime OK. Password required
--> PASS ...
230-User fathertime has group access to: fatherti
230 OK. Current restricted directory is /
--> PBSZ 0
200 PBSZ=0
--> PROT P
534 Fallback to [C]
--> SYST
215 UNIX Type: L8
--> FEAT
211-Extensions supported:
EPRT
IDLE
MDTM
SIZE
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
MLSD
TVFS
ESTP
PASV
EPSV
SPSV
ESTA
AUTH TLS
PBSZ
PROT
211 End.
--> TYPE I
200 TYPE is now 8-bit binary
--> PWD
257 "/" is your current location
--> PASV
227 Entering Passive Mode (82,94,247,110,38,166)
Waiting for Passive Data port connect
Starting SSL DATA connect
[DATA: TLSv1/SSLv3, cipher AES256-SHA, 256 bits]
SSL DATA connected
--> LIST -alF
150 Accepted data connection
RecvList() - [0] No Error
** WSA returns ERROR **
FD_CLOSE - WSAECONNABORTED: Software caused connection abort
226-ASCII
226-Options: -a -F -l
226 8 matches total

Doesn't look like the EPSV thing either then.

I've run out of ideas for things to try so I think you will need to report the problem to GPSoft and see what they can come up with. They may ask you if you can provide login details for the site as that could be the only way to work out what's going wrong.

Nudel,

I recall when I had CuteFTP Pro there had been an option called "clear data channel" that I had to enable to be able to connect to this particular site. However SmartFTP does not have this particular feature. I am not sure what that particular feature does.

FT

I don't know what that option does either. Let GPSoft know and hopefully they'll be able to get to the bottom of it.