Trouble with *some* PASV connections 3.0 Beta 12

Think you've found a bug in a BETA version of Cerberus FTP Server? Post a description here.
Locked
gubaba
New User
Posts: 3
Joined: Fri Jun 12, 2009 10:00 am

Trouble with *some* PASV connections 3.0 Beta 12

Post by gubaba » Mon Jun 15, 2009 11:30 am

Hello all,

I've been battling a number of sporadic and random seeming issues with the various betas of 3.0.0. Obviously some problems are to be expected from a beta, but lately it has been suffering from a couple of incredibly hard to track down/fix problems with PASV connections. The irritating part is that for one of the problems it works just fine for some people, but not for others using the exact same software to connect. My FTP server is running on a static IP. It is sitting behind a firewall, but all of the appropriate ports are opened, and it was working just fine before we hit some of these more recent betas.

The 2 main issues seem to be the following:

PASV Problem #1
"CoreFTP Lite" and "GetRight" do not seem to work with v12 Beta using PASV at all, even if I connect from the local network. Turning off PASV allows both to connect and download properly.

CoreFTP Lite results in the following log transaction:
31 User anonymous, password please
PASS **********
230 Password Ok, User logged in
SYST
215 UNIX Type: L8
Keep alive off...
CWD /
250 Change directory ok
PASV
227 Entering Passive Mode ( 75,77,XXX,XXX,7,86)
LIST command failed
Error loading directory...

GetRight results in the following log transaction on the server:
[69] Incoming connection request on interface 75.77.XXX.XXX
[69] Connection request accepted from 75.77.XXX.XXX
[69] USER anonymous
[69] 331 User anonymous, password please
[69] PASS ***********
[69] 230 Password Ok, User logged in
[69] Anonymous user 'anonymous' logged in with password 'getright@'
[69] SYST
[69] 215 UNIX Type: L8
[69] PWD
[69] 257 "/" is the current directory
[69] FEAT
[69] 211- Additional features supported include: MDTM MFCT MFMT SIZE REST STREAM AUTH TLS AUTH SSL PBSZ EPRT EPSV XCRC XSHA1 XMD5 PROT LANG EN* SITE CHMOD SITE PSWD SITE ZONE MLST Type*;Size*;Modify*;Create*; CLNT CSID RMDA UTF8 211 End
[69] HELP SITE
[69] 502 Unrecognized or unsupported command
[69] SIZE /Manuals-Other Products/sample.pdf
[69] 213 204049
[69] STAT /Manuals-Other%20Products/sample.pdf
[69] 502 Unrecognized or unsupported command
[69] QUIT
[69] Connection terminated.

PASV Problem #2
This problem is completely annoying. Basically PASV connections from some locations in this country and other countries fail using IE, Firefox, WSFTP, etc while connections from other locations work flawlessly. The only connecting theme seems to be PASV. Disabling PASV on the client side allows for a proper connection.

A sample log entry of the problem looks like this:
[52] Incoming connection request on interface 75.77.XXX.XXX
[52] Connection request accepted from 80.79.XXX.XXX
[52] USER anonymous
[52] 331 User anonymous, password please
[52] PASS ***********
[52] 230 Password Ok, User logged in
[52] Anonymous user 'anonymous' logged in with password 'IEUser@'
[52] TYPE I
[52] 200 Type Binary
[52] PASV
[52] 227 Entering Passive Mode ( 75,77,XXX,XXX,7,71)
[52] Error closing connection: An existing connection was forcibly closed by the remote host.
[52] Connection terminated.

Any help at all would be greatly appreciated! If you need more log files, or more information on my setup, let me know and I'll provide what I can.

--Dana Weaver

gubaba
New User
Posts: 3
Joined: Fri Jun 12, 2009 10:00 am

Re: Trouble with *some* PASV connections 3.0 Beta 12

Post by gubaba » Tue Jun 16, 2009 12:05 pm

A quick update to the problem...

Not completely helpful, as a lot of the mystery still remains, but a reboot of the external router and firewall seems to have fixed the PASV troubles. Why that was having an effect on local PASV connections via GetRight and CoreFTP Lite (but not IE, Firefox or WSFTP) is beyond me. Something weird is clearly going on in the beta that wasn't before, but I have no idea how to track it down beyond the info I've given. If there is anything you'd like from me to help figure this out, I'd be more than happy to provide it.

--Dana

gubaba
New User
Posts: 3
Joined: Fri Jun 12, 2009 10:00 am

Re: Trouble with *some* PASV connections 3.0 Beta 12

Post by gubaba » Wed Jun 17, 2009 9:49 am

Love replying to my own posts... I think I've figured out what was really causing all of this, and it looks like the router stuff was a partial red herring.

The "Auto Detect" setting under interfaces seems to result in the partial-working problem and the "Use different IP for PASV commands" setting doesn't seem to keep its setting if the software is restarted. Or, rather, more specifically it looks like it keeps its setting for the "default" interface, but not for any of the IP-specific interfaces. Since the default interface is always the one showing initially when you go to that tab, it's pretty easy to be fooled into thinking your settings were saved properly.

Now, why the "auto detect" setting doesn't seem to work properly with a static IP server would be another issue, I guess, but for now I can specify my own server's IP under "Use different IP for PASV commands" and it looks like it works properly.

--Dana

User avatar
Serin
Site Administrator
Posts: 1785
Joined: Sat Jan 01, 2005 6:57 pm
Location: United States
Contact:

Re: Trouble with *some* PASV connections 3.0 Beta 12

Post by Serin » Fri Jun 19, 2009 11:43 pm

Dana,

Thanks for the posts and troubleshooting work. We've had a few other users reporting similar, odd PASV mode issues and problems with interface settings not getting saved. We recently revamped much of that code and it looks like a bug or two slipped through. I'm going to spend some time this weekend nailing it all down and get a fix out as quickly as possible.

Locked