• Subject: RE: JTOPEN FTP Through a Firewall question
  • From: "Bennion, Dick" <Dick_Bennion@xxxxxxxx>
  • Date: Fri, 26 Jan 2001 11:25:35 -0600

I have discovered the difficulty getting through the firewall using the FTP
object.

The problem is that Passive mode returns a high numbered port for data
transfer.  Our firewall rejects the request for the high numbered port.  I
found that by using issueCommand to send a PORT command I can cause Passive
mode to use port 20.

I fixed the problem in two different but similar ways.
1.  I modified FTP.java by adding a method to retrieve the ip address of the
current control socket.  Then I subclassed FTP.java and added a method to
issue the PORT command.

2.  I modified FTP.java by adding a method to set the port for the data
transfer.

Apparently command line FTP requests the server to use port 20 for data
transfer.

Dick Bennion


> -----Original Message-----
> From: Bennion, Dick 
> Sent: Tuesday, January 09, 2001 2:58 PM
> To:   'JAVA400-L@midrange.com'
> Subject:      RE: JTOPEN FTP Through a Firewall question
> 
> I have discovered the difficulty getting through the firewall using the
> FTP object.
> 
> The problem is that Passive mode returns a high numbered port for data
> transfer.  Our firewall rejects the request for the high numbered port.  I
> found that by using issueCommand to send a PORT command I can cause
> Passive mode to use port 20.
> 
> I fixed the problem in two different but similar ways.
> 1.  I modified FTP.java by adding a method to retrieve the ip address of
> the current control socket.  Then I subclassed FTP.java and added a method
> to issue the PORT command.
> 
> 2.  I modified FTP.java by adding a method to set the port for the data
> transfer.
> 
> Apparently command line FTP requests the server to use port 20 for data
> transfer.
> 
> Dick Bennion
> 
> I was mistaken when I said that get and put were working.  I have run
> a number of tests and have been focused on the ls problem for some time.
> 
> When there is a firewall Get, put and ls all work when using the command
>  line ftp tool.  None of them work when I use the FTP object.
> 
> I really don't understand what is happening with passive mode.  I
> understand
> the words, but not in the ftp context.  Are the ports standard when using
> the
> passive mode?
> 
> In C an Rbind is used to establish the inbound connection, is there
> anything
> I 
> can do to mimic that function?  I got that info from an article in the
> Information 
> Center - "Using AS/400 client SOCKS support to communicate outside a 
> firewall. 
> 
> Thanks again,
> Dick Bennion
> 
> > -----Original Message-----
> > From:       Dave Wall [SMTP:dawall@us.ibm.com]
> > Sent:       Tuesday, January 09, 2001 1:09 PM
> > To: JAVA400-L@midrange.com
> > Subject:    Re: JTOPEN FTP Through a Firewall question
> > 
> > 
> > The FTP classes uses passive mode when listing files on the server.
> > Passive mode means a port other than the default FTP port is used to
> > exchange data.  Is it possible the second port is not open through the
> > firewall?  I had some confidence that this was it until I realized put
> > also
> > uses passive mode.  Why would put work when list doesn't?  Could be the
> > ftp
> > server is set up to handle get/put via passive mode, but not list?
> > 
> > David Wall
> > AS/400 Toolbox for Java
> > 
> > 
> > "Bennion, Dick" <Dick_Bennion@AFCC.com>@midrange.com on 01/09/2001
> > 11:52:33
> > AM
> > 
> > Please respond to JAVA400-L@midrange.com
> > 
> > Sent by:  owner-java400-l@midrange.com
> > 
> > 
> > To:   "'JAVA400-L@midrange.com'" <JAVA400-L@midrange.com>
> > cc:
> > Subject:  JTOPEN FTP Through a Firewall question
> > 
> > 
> > 
> > I am using the jtopen version of the toolkit and I am attempting to
> > communicate with a number of sites that are outside our firewall.  I am
> > able
> > to get and put files, but I am having a problem getting a listing of the
> > files in the current working directory.  I am using the FTP class.
> > 
> > If I am accessing the server directory without going through the
> firewall
> > everything goes perfectly.
> > 
> > When I attempt ls through the firewall the list of files returned is
> > always
> > empty.  The message returned is "226 Listing completed."
> > 
> > I found some documentation that talks about using Rbind() from the
> client
> > to
> > establish an inbound connection.
> > 
> > What should I do to be able to get a list of the files in a directory on
> > the
> > server?  All help would be much appreciated.
> > 
> > 
> > 
> > 
> > > Dick Bennion
> > 
> > 
> > 
> > +---
> > | This is the JAVA/400 Mailing List!
> > | To submit a new message, send your mail to JAVA400-L@midrange.com.
> > | To subscribe to this list send email to JAVA400-L-SUB@midrange.com.
> > | To unsubscribe from this list send email to
> > JAVA400-L-UNSUB@midrange.com.
> > | Questions should be directed to the list owner: joe@zappie.net
> > +---
> > 
> > 
> > 
> > +---
> > | This is the JAVA/400 Mailing List!
> > | To submit a new message, send your mail to JAVA400-L@midrange.com.
> > | To subscribe to this list send email to JAVA400-L-SUB@midrange.com.
> > | To unsubscribe from this list send email to
> > JAVA400-L-UNSUB@midrange.com.
> > | Questions should be directed to the list owner: joe@zappie.net
> > +---
> 
> +---
> | This is the JAVA/400 Mailing List!
> | To submit a new message, send your mail to JAVA400-L@midrange.com.
> | To subscribe to this list send email to JAVA400-L-SUB@midrange.com.
> | To unsubscribe from this list send email to
> JAVA400-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner: joe@zappie.net
> +---

+---
| This is the JAVA/400 Mailing List!
| To submit a new message, send your mail to JAVA400-L@midrange.com.
| To subscribe to this list send email to JAVA400-L-SUB@midrange.com.
| To unsubscribe from this list send email to JAVA400-L-UNSUB@midrange.com.
| Questions should be directed to the list owner: joe@zappie.net
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.