2006-07-23 strange FTP problem

from HTYP, the free directory anyone can edit if they can prove to me that they're not a spambot
Revision as of 13:07, 23 July 2006 by Woozle (talk | contribs) (draft)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Introduction

I'm documenting this problem so that (a) if we manage to fix it, others with a similar problem may be able to benefit, and (b) if we don't manage to fix it, maybe someone else will be able to figure out what's going on.

Description

Some FTP clients can connect to a particular server, while others can't. Specifically, Konqueror's ftp, which seems to use the kio_ftp kioslave, cannot; CLI-based ftp can, and so can gFTP.

Konqueror shows "Login Ok" in the taskbar, and then a dialog pops up to say it can't connect. This happens more quickly if KDE's ftp is set to not use PASV mode; if PASV mode is on, it takes 30-60 seconds.

Apparently Konqueror is actually connecting, but is unable to retrieve a directory listing.

This problem started suddenly. A similar problem had happened in the past, and had always been cured by rebooting; the similarity may be deceptive, however, as I don't remember seeing the "Login Ok".

Brief History

About 5 days ago (at a guess), Konqueror suddenly stopped being able to connect to my web server (as described above). I tried rebooting, then tried turning off and rebooting, but no go. I finally set up a completely new system (I needed to update from Ubuntu Warty or Hoary or whatever it was to the latest, Dapper). The problem remained, unaltered.

I finally tried connecting from Konqueror on a different system, and had the same problem. (An ftp server log shows much the same sequence of events for this attempt.)

Back on my system, however, the CLI version of ftp continued to work, as did a non-kioslave-based GUI ftp program, gFTP. Neither one of them would work in PASV mode, however; they would both connect, but then time out waiting for a directorly listing (issued automatically from gFTP and manually from CLI ftp).

Session Logs

ftpd logs

This is the ftp server's log of an unsuccessful connection attempt from Konqueror.

@4000000044c22b112afaa5bc web1.l48.net (24.136.238.245[24.136.238.245]) - PAM([username redacted]): Authentication failure.
@4000000044c22b112b0586e4 web1.l48.net (24.136.238.245[24.136.238.245]) - USER [username redacted]: Login successful.
@4000000044c22b112b07b57c web1.l48.net (24.136.238.245[24.136.238.245]) - Preparing to chroot to directory '/hsphere/local/home/[username redacted]'
@4000000044c22b112b0b301c web1.l48.net (24.136.238.245[24.136.238.245]) - mod_delay/0.5: delaying for 80 usecs
@4000000044c22b113920dae4 web1.l48.net (24.136.238.245[24.136.238.245]) - Refused EPRT |1|192.168.0.103|57302| (address mismatch)
@4000000044c22b113b43f194 web1.l48.net (24.136.238.245[24.136.238.245]) - Refused PORT 192,168,0,103,143,41 (address mismatch)
@4000000044c22b1201eeaeac web1.l48.net (24.136.238.245[24.136.238.245]) - Refused PORT 192,168,0,103,223,197 (address mismatch)

gFTP non-PASV

This shows gFTP's session log from a successful connection in non-PASV mode. gFTP also retrieves a directory listing, downloads a file, and then uploads it again. Note that gFTP executes a PORT command similar to the one tried by Konqueror, above; the ftp server refuses Konq's attempt, but allows gFTP's. 

gFTP 2.0.18, Copyright (C) 1998-2003 Brian Masney <masneybspam@spamgftpspam.spamorg>. If you have any questions, comments, or suggestions about this program, please feel free to email them to me. You can always find out the latest news about gFTP from my website at http://www.gftp.org/
gFTP comes with ABSOLUTELY NO WARRANTY; for details, see the COPYING file. This is free software, and you are welcome to redistribute it under certain conditions; for details, see the COPYING file
Looking up web1.l48.net
Trying web1.l48.net:21
Connected to web1.l48.net:21
220 ProFTPD 1.3.0 Server (Main FTP Server) [69.57.190.146]
USER hypertwi

331 Password required for hypertwi.
PASS xxxx
230 User [redacted] logged in.
SYST

215 UNIX Type: L8
TYPE I

200 Type set to I
PWD

257 "/" is current directory.
Loading directory listing / from server (LC_TIME=en_US.UTF-8)
PORT 192,168,0,103,132,153

200 PORT command successful
LIST -aL

150 Opening ASCII mode data connection for file list
226 Transfer complete.
CWD /psycrit.com

250 CWD command successful
PWD

257 "/psycrit.com" is current directory.
Loading directory listing /psycrit.com from server (LC_TIME=en_US.UTF-8)
PORT 192,168,0,103,199,177

200 PORT command successful
LIST -aL

150 Opening ASCII mode data connection for file list
226 Transfer complete.
Successfully changed local directory to /home/woozle/Scratch
PORT 192,168,0,103,175,22

200 PORT command successful
RETR /psycrit.com/favicon.ico

150 Opening BINARY mode data connection for /psycrit.com/favicon.ico (2686 bytes)
226 Transfer complete.
Successfully transferred /psycrit.com/favicon.ico at 19.28 KB/s
Successfully changed mode of /home/woozle/Scratch/favicon.ico to 644
Loading directory listing /psycrit.com from server (LC_TIME=en_US.UTF-8)
PORT 192,168,0,103,223,164

200 PORT command successful
LIST -aL

150 Opening ASCII mode data connection for file list
226 Transfer complete.
PORT 192,168,0,103,224,144

200 PORT command successful
STOR /psycrit.com/favicon.ico

150 Opening BINARY mode data connection for /psycrit.com/favicon.ico
226 Transfer complete.
Successfully transferred /home/woozle/Scratch/favicon.ico at 23.14 KB/s
SITE CHMOD 644 /psycrit.com/favicon.ico

200 SITE CHMOD command successful
SITE UTIME 20060716145700 /psycrit.com/favicon.ico

500 'SITE UTIME' not understood
Loading directory listing /psycrit.com from server (LC_TIME=en_US.UTF-8)
PORT 192,168,0,103,159,71

200 PORT command successful
LIST -aL

150 Opening ASCII mode data connection for file list
226 Transfer complete.
Retrieved from "https://htyp.org/mw/index.php?title=2006-07-23_strange_FTP_problem&oldid=4843"