Client side FTP Passive Mode after Upgrade to 2.2

johnpoz

"It works for some devices, but other devices have a problem with it"

Like what??  ftp is ftp is ftp is ftp.. Its either active or passive.. How exactly would proxy that opens up the ports for an active connection not work with any client sending the ftp commands?

dlogan

@johnpoz:

"It works for some devices, but other devices have a problem with it"

Like what??  ftp is ftp is ftp is ftp.. Its either active or passive.. How exactly would proxy that opens up the ports for an active connection not work with any client sending the ftp commands?

I don't really have the details available to me about what ftp client is even being used.  I think these are retail bar code scanner guns that when docked ftp some file to a remote location.  Some of the devices we've had to set DHCP reservations for and put in a list of IPs to bypass the ftp proxy.  Others only work if the ftp-proxy is on.

The pfsense logs show repetitive lines like this:

 ftp-proxy[20575]: #57 client command too long or not clean.

I have them functional, but before when the ftp proxy was built-in, I never had to mess with any of this.  So obviously the package is not the same in some way.

johnpoz

So its not sending valid ftp commands then?

Why don't you sniff and lets see the command its sending.  This way the package could be fixed to address clients sending extra info and such in their commands.