cURL / Mailing Lists / curl-users / Single Mail


Re: Trouble transversing two firewalls w/ passive ftp

From: Dan Fandrich <>
Date: Wed, 18 Jan 2006 10:30:09 -0800

On Wed, Jan 18, 2006 at 09:33:35AM -0600, Nick Harley wrote:
> The people I'm working with are saying that unless I put my client into
> passive mode, the transfer will never work. If I use the passive switch
> instead of the the ftp-port switch, then when the other side of the
> connection tries to set up the data transfer, it gets the internal
> address of my machine, which is a publicly unroutable network, and
> fails.

You have this backwards: passive mode means that the client initiates the
data connection outward to the server machine. What you describe: "the
other side of the connection tries to set up the data transfer"
is PORT mode.

> If I use the port command, I can put my external address in as
> the port and it sends it correctly to the other server. I've tried

But you claim the people you're working with way that the transfer "will
never work" this way. Presumably, they're saying this based on knowledge
of how their servers and firewalls are set up.

> adding port information in addition to the IP address but it only
> recognizes and send the IP information.

Your original message didn't give a log of a transaction using passive mode.
If you post that, along with the command-line you're using, we might have
some more clues as to what might be going wrong.

>>> Dan

--              The web change of address service
          Let webmasters know that your web site has moved
Received on 2006-01-18