I'm having a problem using Netscape to FTP through my Firewall-1 firewall.
I've done quite a bit of testing and research and have figured out that
it's because Netscape's version of ftp adheres to the specifications of
RFC 1579. This RFC states that instead of doing a PORT command to tell
the ftp server what port to open a data connection on, it does a PASV
command. The following quote is from the above RFC:

    Fortunately, the necessary mechanisms already exist in the protocol.
    If the client sends a PASV command, the server will do a passive TCP
    open on some random port, and inform the client of the port number.
    The client can then do an active open to establish the connection.

This is the part that confuses me. If the server is going to inform
my client of the port number "on some random port", 1) How am I going
to know which port to listen on to get this critical information? It
seems like my ftp client would have to be frantically scanning the
entire range above 1024 to get this information. 2) Isn't
this going to force me to leave the entire range above 1024 wide open
in my firewall configuration?

As it stands, I can't FTP through Netscape because my firewall blocks
that incoming random packet. Can anyone provide any suggestions?
_______________________________________
/ ____ _____ _____ \ Charles L. Hutson, clh @ ptech . com
/ ____// // // ___ Technical Services \ Systems Engineer
/ // // //___// Division /\ Piedmont Technology Group
/__________________________________________/ / Phone 704.523.2400
\__________________________________________\/ Fax 704.523.7764
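
The PASV exchange that the RFC 1579 quote describes, as an added example that is not part of the original post: the server's port number arrives as a 227 reply on the already-open control connection, and the client then opens the data connection outbound to that port. `PasvTracker`, the sample session and the 192.0.2.10 documentation address are constructed for illustration and do not describe any particular firewall product.

```python
import re

# Constructed FTP control-channel exchange (TCP port 21), not a real capture.
# "C" = line sent by the client, "S" = line sent by the server.
CONTROL_SESSION = [
    ("C", "PASV"),
    ("S", "227 Entering Passive Mode (192,0,2,10,19,137)"),
    ("C", "RETR README"),
]

PASV_REPLY = re.compile(r"^227 .*?" + ",".join([r"(\d{1,3})"] * 6))


def parse_pasv_reply(line):
    """Return (host, port) from a 227 reply, or None for any other line."""
    m = PASV_REPLY.match(line)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    # h1,h2,h3,h4 are the address octets; the port is p1*256 + p2.
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


class PasvTracker:
    """Hypothetical stateful filter: one outbound data connection per 227."""

    def __init__(self, server_ip):
        self.server_ip = server_ip
        self.expected = set()

    def observe_control(self, direction, line):
        endpoint = parse_pasv_reply(line) if direction == "S" else None
        # Ignore replies that point the client at a third-party address.
        if endpoint and endpoint[0] == self.server_ip:
            self.expected.add(endpoint)

    def allow_outbound(self, dst_ip, dst_port):
        # Permit only the announced endpoint, and only once.
        if (dst_ip, dst_port) in self.expected:
            self.expected.discard((dst_ip, dst_port))
            return True
        return False


def run_demo():
    fw = PasvTracker("192.0.2.10")
    for direction, line in CONTROL_SESSION:
        fw.observe_control(direction, line)
    return fw
```
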