GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Message
Author
tchicken
503 Bad sequence of commands
Posts: 20
Joined: 2022-06-21 14:44
First name: Michel
Last name: POULET

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#16 Post by tchicken » 2022-06-29 07:17

Thank you Boco,

This configuration works well in 'Passive' mode.
Why can't I use the default port?

User avatar
boco
Contributor
Posts: 26899
Joined: 2006-05-01 03:28
Location: Germany

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#17 Post by boco » 2022-06-29 13:01

You can use the default listening port. The custom port range is something different and dedicated to data connections (listings and transfers).

1. The data port range must be forwarded to the sever machine in the router, so, incoming connections on any of these ports will reach your server.
2. You must configure that port range in FileZilla Server, so it can propose these ports to the client in the PASV or EPSV reply. Otherwise, it would just propose random ports all over, many of them outside your range.

Malicious routers may make it appear to work without any configuration, but only on the default listening port and only for unencrypted connections.

Our Network Configuration guide has all these information and more.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Please do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###

tchicken
503 Bad sequence of commands
Posts: 20
Joined: 2022-06-21 14:44
First name: Michel
Last name: POULET

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#18 Post by tchicken » 2022-06-29 16:48

A big thank you to everyone.

tchicken
503 Bad sequence of commands
Posts: 20
Joined: 2022-06-21 14:44
First name: Michel
Last name: POULET

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#19 Post by tchicken » 2022-06-30 15:20

One last question, if I try to download a file by connecting with a DNS name pointing to my external IP and I'm behind the same NAT server as the FileZilla server, I get the following errors :

On client :
Statut : Résolution de l’adresse de presles.dyndns.org
Statut : Connexion à 176.170.75.47:50000…
Statut : Connexion établie, attente du message d’accueil…
Statut : Initialisation de TLS…
Statut : Connexion TLS établie.
Statut : Connecté
Statut : Récupération du contenu du dossier…
Statut : Le serveur a envoyé une réponse passive avec une adresse non routable. Adresse remplacée par celle du serveur.
Commande : MLSD
Réponse : 150 About to start data transfer.
Erreur : Les données de connexion ne peuvent pas être établies : ECONNREFUSED - Connexion refusée par le serveur
Erreur : Connection interrompue après 20 secondes d’inactivité
Erreur : Impossible de récupérer le contenu du dossier


On Server :
<Date> Info [Type] Message
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 [Command] AUTH TLS
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 [Response] 234 Using authentication type TLS.
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 [Command] USER genturfevo
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 [Response] 331 Please, specify the password.
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 [Command] PASS ****
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Response] 230 Login successful.
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Command] PWD
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Response] 257 "/" is current directory.
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Command] TYPE I
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Response] 200 Type set to I
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Command] PASV
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Response] 227 Entering Passive Mode (192,168,1,112,203,49)
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Command] MLSD
<30/06/2022 17:12:04> FTP Session 547 192.168.1.254 genturfevo [Response] 150 About to start data transfer.
<30/06/2022 17:12:24> FTP Session 547 192.168.1.254 genturfevo [Error] GnuTLS error -110 in gnutls_record_recv: The TLS connection was non-properly terminated.
<30/06/2022 17:12:24> FTP Session 547 192.168.1.254 genturfevo [Status] Client did not properly shut down TLS connection
<30/06/2022 17:12:24> FTP Session 547 192.168.1.254 genturfevo [Error] Control channel closed with error from source 0. Reason: ECONNABORTED - Connection aborted.


If I do the same with the internal IP 192.168.1.115, it works !

Can you tell me how why this error and how to fix it please ?

User avatar
botg
Site Admin
Posts: 35491
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#20 Post by botg » 2022-06-30 16:38

From within your NAT you need to use private IP address. Consumer grade routers do not properly handle internal traffic directed at their public IP.

If you absolutely must use the same hostname from both internal and external access, employ split-brain DNS.

tchicken
503 Bad sequence of commands
Posts: 20
Joined: 2022-06-21 14:44
First name: Michel
Last name: POULET

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#21 Post by tchicken » 2022-06-30 20:12

I don't have a DNS server, is there another solution ?

At worst, I'll handle this in my application !

What is weird is that the FTP server responds correctly, but does not allow the download, is it possible to find the information in the server's response ?

User avatar
botg
Site Admin
Posts: 35491
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#22 Post by botg » 2022-06-30 21:29

Look more closely. You connect to the server via a routable address, yet what you see on the server is an unroutable address. This means your el-cheapo NAT router has failed to transform the source address.

As for DNS server, you definitely have at least one. It's the authoritative DNS server for the hostname you are using.

tchicken
503 Bad sequence of commands
Posts: 20
Joined: 2022-06-21 14:44
First name: Michel
Last name: POULET

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#23 Post by tchicken » 2022-07-01 04:41

I use https://account.dyn.com/services/, but I don't quite understand the manipulation to be performed, network management is not my specialty as you have seen ;)

I can't find anything in my DNS provider's help regarding split-brain.

I've find this for Windows serveur : https://www.it-connect.fr/configurer-le ... ws-server/, I try ...

Initially, the Add-DnsServerZoneScope command is not recognized on my server, Should I import a particular package in your opinion ?

Do I need to install the DNS Server function ?

tchicken
503 Bad sequence of commands
Posts: 20
Joined: 2022-06-21 14:44
First name: Michel
Last name: POULET

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#24 Post by tchicken » 2022-07-01 05:46

I installed the DNS server function, but I have the following error :

PS C:\Users\Administrateur> Add-DnsServerZoneScope -ZoneName "presles.dyndns.org" -Name "LAN"
Add-DnsServerZoneScope : La zone presles.dyndns.org est introuvable sur le serveur PRESLES.
Au caractère Ligne:1 : 1
+ Add-DnsServerZoneScope -ZoneName "presles.dyndns.org" -Name "LAN"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (presles.dyndns.org:root/Microsoft/...ServerZoneScope) [Add-DnsServerZon
eScope], CimException
+ FullyQualifiedErrorId : WIN32 9601,Add-DnsServerZoneScope


I have no idea how a DNS server works :(

I'll have to keep looking, I'll let you know...

tchicken
503 Bad sequence of commands
Posts: 20
Joined: 2022-06-21 14:44
First name: Michel
Last name: POULET

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

#25 Post by tchicken » 2022-07-01 06:47

I have already created this
dns.jpg
dns.jpg (182.78 KiB) Viewed 3286 times

Post Reply