Server using wrong passive port

Message

DesertF0x · #1 Post by **DesertF0x** » 2011-10-20 13:35

Some how the server wants to use port 80 for passive connections although it is configured to use 800-805:
15:31:54 Befehl: PASV
15:31:55 Antwort: 227 Entering Passive Mode (*,*,*,*,0,80)
15:31:55 Befehl: MLSD
15:31:55 Fehler: GnuTLS error -53: Fehler in der Push-Funktion.

In the next Try it uses the right port again:
15:32:06 Befehl: PASV
15:32:06 Antwort: 227 Entering Passive Mode (*,*,*,*,3,34)

Any hints to solve this?

This configuration worked for long time without Problems.

#2 Post by **boco** » 2011-10-20 17:47

1. Do you use the FileZilla Server?
2. When that happens, compare the corresponding client and server logs: Do they match 100%?

#3 Post by **botg** » 2011-10-20 19:37

You shouldn't use ports <= 1024 for the data connection, those ports are reserved for other programs.

DesertF0x · #4 Post by **DesertF0x** » 2011-10-20 20:59

boco wrote:1. Do you use the FileZilla Server?
2. When that happens, compare the corresponding client and server logs: Do they match 100%?

Yes I am using Filezilla Server. The logs match, in the Server log it is also Port 80.

botg wrote:You shouldn't use ports <= 1024 for the data connection, those ports are reserved for other programs.

Yeah I have read that and changed FTP port to 1337 and passive port range to 51111-51161. No changes.

Additionally I deleted the whole configuration and made a new one but the Problem persists.

#5 Post by **botg** » 2011-10-21 06:08

Can you please post an unabridged log? Snippets are a bit hard to interpret.

DesertF0x · #6 Post by **DesertF0x** » 2011-10-21 17:38

Code: Select all

(000013)21.10.2011 19:23:37 - user (*.*.192.18)> 226 Transfer OK
(000014)21.10.2011 19:23:37 - user (*.*.192.18)> SSL connection for data connection established
(000014)21.10.2011 19:23:37 - user (*.*.192.18)> 226 Transfer OK
(000013)21.10.2011 19:23:37 - user (*.*.192.18)> PASV
(000013)21.10.2011 19:23:37 - user (*.*.192.18)> 227 Entering Passive Mode (*,*,51,109,199,193)
(000013)21.10.2011 19:23:37 - user (*.*.192.18)> REST 100000000
(000013)21.10.2011 19:23:37 - user (*.*.192.18)> 350 Rest supported. Restarting at 100000000
(000014)21.10.2011 19:23:37 - user (*.*.192.18)> PASV
(000014)21.10.2011 19:23:37 - user (*.*.192.18)> 227 Entering Passive Mode (*,*,51,109,0,80)
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> STOR sicherung.r08
(000014)21.10.2011 19:23:38 - user (*.*.192.18)> REST 100000000
(000014)21.10.2011 19:23:38 - user (*.*.192.18)> 350 Rest supported. Restarting at 100000000
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> 150 Connection accepted, restarting at offset 100000000
(000014)21.10.2011 19:23:38 - user (*.*.192.18)> STOR sicherung.r31
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> SSL connection for data connection established
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> 226 Transfer OK
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> PASV
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> 227 Entering Passive Mode (*,*,51,109,199,195)
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> REST 100000000
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> 350 Rest supported. Restarting at 100000000
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> STOR sicherung.r16
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> 150 Connection accepted, restarting at offset 100000000
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> SSL connection for data connection established
(000013)21.10.2011 19:23:38 - user (*.*.192.18)> 226 Transfer OK

...
Only 000013 active
...

Code: Select all

(000014)21.10.2011 19:23:48 - user (*.*.192.18)> 425 Can't open data connection.
(000013)21.10.2011 19:23:48 - user (*.*.192.18)> PASV
(000013)21.10.2011 19:23:48 - user (*.*.192.18)> 227 Entering Passive Mode (*,*,51,109,199,209)
(000014)21.10.2011 19:23:48 - user (*.*.192.18)> PASV
(000014)21.10.2011 19:23:48 - user (*.*.192.18)> 227 Entering Passive Mode (*,*,51,109,199,210)
(000013)21.10.2011 19:23:48 - user (*.*.192.18)> REST 100000000
(000013)21.10.2011 19:23:48 - user (*.*.192.18)> 350 Rest supported. Restarting at 100000000
(000014)21.10.2011 19:23:48 - user (*.*.192.18)> REST 0
(000014)21.10.2011 19:23:48 - user (*.*.192.18)> 350 Rest supported. Restarting at 0
(000013)21.10.2011 19:23:48 - user (*.*.192.18)> STOR sicherung.r42
(000013)21.10.2011 19:23:48 - user (*.*.192.18)> 150 Connection accepted, restarting at offset 100000000
(000014)21.10.2011 19:23:49 - user (*.*.192.18)> MLSD
(000013)21.10.2011 19:23:49 - user (*.*.192.18)> SSL connection for data connection established
(000014)21.10.2011 19:23:49 - user (*.*.192.18)> 150 Connection accepted
(000013)21.10.2011 19:23:49 - user (*.*.192.18)> 226 Transfer OK
(000013)21.10.2011 19:23:49 - user (*.*.192.18)> PASV
(000013)21.10.2011 19:23:49 - user (*.*.192.18)> 227 Entering Passive Mode (*,*,51,109,0,80)
(000013)21.10.2011 19:23:49 - user (*.*.192.18)> REST 100000000
(000013)21.10.2011 19:23:49 - user (*.*.192.18)> 350 Rest supported. Restarting at 100000000
(000014)21.10.2011 19:23:49 - user (*.*.192.18)> SSL connection for data connection established
(000014)21.10.2011 19:23:49 - user (*.*.192.18)> 226 Transfer OK

Enough?

Error is coming more often the longer the transfer is running.

edit:
Clientlog

Code: Select all

19:23:24	Antwort:	150 Connection accepted, restarting at offset 100000000
19:23:24	Antwort:	150 Connection accepted, restarting at offset 100000000
19:23:24	Antwort:	226 Transfer OK
19:23:24	Status:	Dateitransfer erfolgreich, 0 B in 1 Sekunde übertragen
19:23:24	Status:	Starte Upload von /home/user/sicherung.r08
19:23:24	Befehl:	PASV
19:23:24	Antwort:	226 Transfer OK
19:23:24	Status:	Dateitransfer erfolgreich, 0 B in 1 Sekunde übertragen
19:23:24	Antwort:	227 Entering Passive Mode (*,*,51,109,199,193)
19:23:24	Befehl:	REST 100000000
19:23:24	Status:	Starte Upload von /home/user/sicherung.r31
19:23:24	Befehl:	PASV
19:23:25	Antwort:	350 Rest supported. Restarting at 100000000
19:23:25	Befehl:	STOR sicherung.r08
19:23:25	Antwort:	227 Entering Passive Mode (*,*,51,109,0,80)
19:23:25	Befehl:	REST 100000000
19:23:25	Antwort:	350 Rest supported. Restarting at 100000000
19:23:25	Befehl:	STOR sicherung.r31
19:23:25	Fehler:	GnuTLS error -53: Fehler in der Push-Funktion.
19:23:25	Antwort:	150 Connection accepted, restarting at offset 100000000
19:23:25	Antwort:	226 Transfer OK
19:23:25	Status:	Dateitransfer erfolgreich, 0 B in 1 Sekunde übertragen
19:23:25	Status:	Starte Upload von /home/user/sicherung.r16
19:23:25	Befehl:	PASV
19:23:25	Antwort:	227 Entering Passive Mode (*,*,51,109,199,195)
19:23:25	Befehl:	REST 100000000
19:23:25	Antwort:	350 Rest supported. Restarting at 100000000
19:23:25	Befehl:	STOR sicherung.r16
19:23:25	Antwort:	150 Connection accepted, restarting at offset 100000000
19:23:25	Antwort:	226 Transfer OK
19:23:25	Status:	Dateitransfer erfolgreich, 0 B in 1 Sekunde übertragen
19:23:25	Status:	Starte Upload von /home/user/sicherung.r62
19:23:25	Befehl:	PASV
19:23:26	Antwort:	227 Entering Passive Mode (*,*,51,109,199,196)
19:23:26	Befehl:	REST 100000000
19:23:26	Antwort:	350 Rest supported. Restarting at 100000000
19:23:26	Befehl:	STOR sicherung.r62
19:23:26	Antwort:	150 Connection accepted, restarting at offset 100000000
19:23:26	Antwort:	226 Transfer OK

#7 Post by **botg** » 2011-10-22 14:27

Perhaps a too narrow passive mode port range. Try using a larger range.

DesertF0x · #8 Post by **DesertF0x** » 2011-10-22 18:00

I have already changed form 5 to 50 Ports. Shouldn’t that be enough for one user?

#9 Post by **boco** » 2011-10-23 00:05

DesertF0x wrote:I have already changed form 5 to 50 Ports. Shouldn’t that be enough for one user?

Definitely. I dunno why it would even propose port 80 (which is HTTP), unless you configured it somewhere.

#10 Post by **botg** » 2011-10-23 08:20

After using a socket pair, it enters the TIME_WAIT state and cannot be re-used during this time. On Windows, TIME_WAIT is usually 2 or 4 minutes.

Assuming the client re-uses the same source port, if you transfer more than 50 files or directory listings in that period, all ports in the 50 port range are exhausted. With small files, it's very easy to transfer hundreds if not thousands of files during those 2 (or 4) minutes and the port range should be set large enough to accommodate this.

Try using a thousand ports, that should make a difference.

DesertF0x · #11 Post by **DesertF0x** » 2011-10-26 21:23

Looks like that made it.

Wondering that it was working with five ports before ...

THX!

DesertF0x · #12 Post by **DesertF0x** » 2011-10-26 22:08

Sry, I have not tested long enough ... the problem is still there.

DesertF0x · #13 Post by **DesertF0x** » 2011-11-04 17:58

anybody?

#14 Post by **botg** » 2011-11-04 21:15

I have no idea where the port 80 is coming from. My best guess would be some firewall intercepting the calls to the operating system when FileZilla Server asks Windows for a free port.

Nathanscottdaniels · #15 Post by **Nathanscottdaniels** » 2011-11-13 03:45

I am having the exact same problem. Server is configured to have ports 6000 - 6100 as passive ports but, according to WireShark data, it is consistently sending ports in the range of 5000-~5100 to the passive clients. I tried everything I could think of before coming to the conclusion that FileZilla is at fault. There are no firewalls in between (not even the Windows one) and the router is forwarding ports 21 and 6000-6100 to the server. I am using the latest stable release of the server and client.

FileZilla Forums

Server using wrong passive port

Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port

Re: Server using wrong passive port