Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FTP no directory listing problem.

    Firewalling
    2
    3
    903
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      grassopj
      last edited by

      Hi all,

      I've just installed PFSense 2.1, and I have to say it rocks for ease of use and performance - I'm getting over 110 mbits/sec  down over my cable connection !

      The only problem I have now is with FTP - I can't seem to do anymore than connect to any external servers, any actual directory request simply times out.

      for the sake of troubleshooting I have the following  3 packages installed:
      Squid (2.7.9 pkg v.4.3.3)
      Lightsquid (1.8.2 pkg v.2.33)
      DarkStat (3.0.714)

      Squid is configured as a transparent proxy, and seems to be working fine. The only other thing I have changed is to enable static arp entries on the dhcp server page.

      Has anyone else experienced this type of problem ? I did a search and found lots of FTP problems, but they all seemed to be related to internal FTP server access.

      I am trying to connect to mirror.aarnet.edu.au, which was working fine on my Asus router before I upgraded to PFSense.

      -Pete

      1 Reply Last reply Reply Quote 0
      • G
        grassopj
        last edited by

        Quick update - I removed the Darkstat package, and now it all seems to be working fine. Must be a coincidence, as this does not seem like a logical cause…

        -Pete

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          No I don't see how darkstat could have anything to do with it.

          But as to access to outside servers - the data connection (directory listings) could still have problems depending if your doing active or passive connection to the server.  In a active connection the server would make a connection back to your IP.  So when behind a NAT like pfsense is by default doing.  If the helper is not working, or your doing ftps or ftpes and the connection is inside a encrypted tunnel that the helper can not see.  it can not change your private IP of your client to the public IP of pfsense and then in turn open the port for the server to talk to your client for the data side.

          In passive you should not have any issues since you create the connection to the server, so unless your filtering outbound traffic you should have any issues.  But lets say you limited outbound traffic to only 80, 443, 21 then sure you could have issues since the passive connection might be on port 42003 or something.

          You could also have problems with ftp if behind a double nat.. Here is a great write up of active vs passive

          http://slacksite.com/other/ftp.html

          To be most often the problems users have with ftp is just not understanding the protocol in general

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.