django-ftpserver icon indicating copy to clipboard operation
django-ftpserver copied to clipboard

Published 20 hours ago verified publisher icon tokibito

Rejected data connection to foreign address

Open zapsterdk opened this issue 3 years ago • 3 comments

Hi, I have a test server directly on the internet. But when I try to connect to this from a computer behind NAT I get this error:

python3 manage.py ftpserver -v 3 95.xxx.178.66:8002

[I 2021-09-07 10:39:18] concurrency model: async [I 2021-09-07 10:39:18] masquerade (NAT) address: None [I 2021-09-07 10:39:18] passive ports: None [I 2021-09-07 10:39:18] >>> starting FTP server on 95.xxx.178.66:8002, pid=90532 <<< [I 2021-09-07 10:39:21] 80.xxx.72.162:64707-[] FTP session opened (connect) [I 2021-09-07 10:39:21] 80.xxx.72.162:64707-[BOX-001] USER 'BOX-001' logged in. [W 2021-09-07 10:39:22] 80.xxx.72.162:64707-[BOX-001] Rejected data connection to foreign address 192.168.1.101:64708.

And then it drops the connection. Any idéers what to do here? I think I'm missing some piece of the puzzle but can't find it ;)

\Zapster

zapsterdk avatar Sep 07 '21 10:09 zapsterdk

@zapsterdk What is the client to connect the server? It seems using active mode(default). Could you try to use passive mode at the client side? And try to set the masquerade address to 95.xxx.178.66 at command option.

FTP procedure of over the internet :

  1. client connects to server
  2. client login
  3. client set mode to passive (because active mode can not connect over the NAT.)
  4. client send ftp command
  5. server returns address and port for data transfer (It requires masquerade address)
  6. client connects server for data transfer (using returned address and port by the server)

tokibito avatar Sep 07 '21 12:09 tokibito

Using passive mode seems to do the trick... Thanks!

One last question: How do I put these settings in the Django config for the server always to use passive with a port range?

zapsterdk avatar Sep 07 '21 13:09 zapsterdk

@zapsterdk Forcing passive mode at server side is nothing way. FTP client maybe configured explicitly use passive mode. You can write the port range by FTPSERVER_PASSIVE_PORTS in settings.py. see this: https://github.com/tokibito/django-ftpserver/blob/master/django_ftpserver/management/commands/ftpserver.py

I guess you to use systemd for running server application. You can write a command and command line option in the config of systemd.

tokibito avatar Sep 07 '21 14:09 tokibito