ftp uncertainties...


Lately, for some god-only-knows reason, I've become obsessed with trying to telnet to an ftp port, login, and get LIST to work!  This, however, seems to be beyond my humble capabilites because everytime I try, the ftp daemon and I do a little dance that goes kinda' like this...

220 Server ready.
<user dude>
331 Password required for dude.
<pass duder>
230 User dude logged in.
<list> or <nlst> or whatever you like...
425 Can't build data connection: Connection refused.

Draaah!!!  Stupid thing!  Okay - I think I have a lead though, and that is this mystical PORT command - typing HELP PORT (the HELP command goes through nicely, even in my impotent state) gives me the OH-SO-HELPFUL...
PORT <sp> h1,h2,h3,h4,p1,p2

I figured out quickly enough that the h? quadruplets represent a dotted quad, and I just *know* that the last two are a 16-bit number describing my local port, BUT - I just read that in a file somewhere. ;)  No other clues here.  If I were stubborn, I'd keep cussing at the search engines to give me an RFC or a FAQ with some useful information.  And I am stubborn... :) But why waste time when you have experts-exchange, eh? SO - pardon the simple stupidity of this question, and as for the category, it's really a "networking in general" question - but there isn't that category.  And I figured unix networking is the purest form of TCP/IP.  So.  Any answers out there?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

As far as know what you are trying to do is impossble (unless you are trying to find some security holes in ftp).

Whenever you connect to an 'ftp port', the other site will redirect your request to the 'ftp'-daemon process. As i don't know the internals of both telnet and ftp, it seems quiet reasonable to me that don't understand the special command which only exists in one of both programs. You can login because that is some 'generally' shared code amongst these programs, but besides this they have not that must in common.
johnny_5Author Commented:
Well, what I mean when I say that I telnet to that port, I mean that I'm just using the telnet program as a tcp/ip interpreter to get me some kind of text response and so I can send some kind of text command.  I'm trying to put together an ftp client of sorts, and I keep having the same problems trying to interface to the ftp servers.  That's all - I know there's a way - I watch CuteFTP send the PORT command before every LIST, NLST, etc.  I just personally don't know what those last two numbers are...

Thanks though!

Just a guess, couldn't it be that they are checking to see if the correct kind of program is at the other site?

If in Unix we talk about ports, most of the times some kind of service is referred to. So check the matching of port numbers and services, you can verify (on unix) the /etc/services file.

just my $.02 (now)
There is something you can do, but it is more complex than what you've tried.
The first commands are working because they use the control connection you've setup by connection to port 21 via telnet.
The LIST command however is handled internally as a file transfer and therefor needs its own data connection.
The server is trying to connect to your side of this connection, but is failing because you did not setup one, and I do not see how this can be done with a telnet client program.
A normal ftp client would have created his side of the required data connection, allocating a local port.  It would then send this port (in the PORT command ...) to the server.  In response, the server will connect to this port and sends the 'list'.
Although of limited practical use, here is something you can do:
You use two telnet sessions, connecting one to the ftp on the host you want the list from, and one to ftp on your local host.
Login to both (like you did before) and set the remote ftp in passive mode with the PASV command.  This will in fact create one side of the data connection, and will return the port value.
The you send the LIST command to the same remote ftp session.
Send the PORT command to the local ftp, specifying the values you got back from the remote ftp in response to PASV.  This will tell the local ftp that it should connect to this port for the next data transfer.
Finally send a STOR command to the local ftp, specifying the destination file on your local host.  It is a 'file' transfer, but you could specify your terminal device file to see the list on screen.
Following are the session summaries on my linux system:

Remote ftp (actually this was the same system):
> USER ...
> PASS ...
> 227 entering passive mode (127,0,0,1,4,12)
Nothing happens here until the STOR is send to the local ftp
> 150 opening connection for /bin/ls
> 226 transfer complete

Local ftp:
> USER ...
> PASS ...
> PORT 127,0,0,1,4,12
> 200 Port command succesful
> STOR /dev/tty3
> 150 opening connection for /dev/tty3
> 226 transfer complete

What you are actually doing here is simulating an ftp client doing
a proxy file transfer between two hosts while running itself on a third one.  It opens two (telnet protocol) control connections to do this, and sends the commands as described above.
If you want to write an ftp client, it must implement the data connection handling in addition to the control connection that you were handling in the telnet session.

Hope this helps

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
johnny_5Author Commented:
Thank you!  That's EXACTLY what I wanted to know.  Okay - I got it now - I was thinking I would have to do something along those lines, but I wasn't sure specifically... What ended up happening was that I was putting the control connection (the first one) into passive mode and issuing the port command to it, but that wasn't quite working right.  What I needed was a second connection.  Just trying to write an FTP client from scratch is all, and I wanted to know if it was going to be worth it or not.

Thanks again!

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.