[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: Ports in FTP-APIs

Hi Scott,

many thanks for these informations. Now many things are more clearly to me.
We use your programs successfully for some years and do not have basic
knowledge on that. This argues for the ease of use of your software - it's
also for dummies!

Kind regards, 

Werner Noll
Gesellschaft für Individual-Software mbH
Ludwigstrasse 9
D-63739 Aschaffenburg
Phone: +49-6021-299880
Fax: +49-6021-299882
e-mail: Werner.Noll@xxxxxxxxx
-----Ursprüngliche Nachricht-----
Von: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] Im Auftrag von Scott Klement
Gesendet: Freitag, 25. August 2006 18:04
An: HTTPAPI and FTPAPI Projects
Cc: ftpapi@xxxxxxxxxxxxx
Betreff: Re: Ports in FTP-APIs

> we do not specify the port parameter in FTP_Conn API, but I wonder why 
> the last 2 ports in the port list (seen in the job log) are always 
> different?

The ports used by the "PORT" command have nothing to do with the port 
number specified on the FTP_Conn() command.

FTP uses one TCP channel for the exchange of "commands".  That's what 
FTP_Conn() establishes.   Then every time data is transferred (i.e. when 
you do a GET, PUT, DIR or LIST operation) it opens up a new channel to 
transfer the data in.

The PORT Subcommand is for this data channel when in standard ("Active") 
FTP mode.

> e.g.: PORT 10,12,40,21,139,131
>        PORT 10,12,40,21,137,102
>        PORT 10,12,40,21,141,21
>        PORT 10,12,40,21,142,8
>
> Some firewalls restrict the port numbers and therefore we get sometimes
> errors, if an invalid port is used. Therefore my second question: Which
port
> of the port list will be actually used? Is it recommended to specify
certain
> ports in FTP_Conn parameter?

This isn't a list of ports.  Each PORT command specifies one IP address 
and one port.  Your examples above stand for:

"IP address 10.12.40.21 and port 18209"
"IP address 10.12.30.21 and port 13974"
"IP address 10.12.30.21 and port 2961"
"IP address 10.12.30.21 and port 1136"

The first 4 numbers in the PORT command are the 4 bytes that make up the 
IP Address.  The last 2 numbers are the 2 bytes that make up the port.

The server will create a connection from port 20 on the server side to 
whichever one of these ports is specified on the PORT command.  The 
correct way to configure a firewall is to allow incoming connections as 
long as they originate with port 20.  This is how you allow active FTP to 
work through a firewall.

If you're not willing to do that, then use passive mode FTP instead of 
active.  In FTPAPI, you do that by specifying

    FTP_passiveMode(fd: *ON);

The port you specify on the FTP_Conn() API won't have any affect on the 
ports used.

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------


-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------