dcsimg
Problem FTPing From Inside Firewall
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   srinivas_malisetty
Posted On:   Friday, July 5, 2002 04:03 PM

hi,
When i am trying get files from an Ftp site i am getting an
unknown host exception.I am setting proxy before calling the FTP task.When i am out side the fire wall, every thing is fine.Do any body know to use FTP task from inside a firewall.My Ant Code is below..






server="my.ftp.com/"
userid=""
password="">


Re: Problem FTPing From Inside Firewall

Posted By:   Christopher_Koenigsberg  
Posted On:   Monday, July 8, 2002 07:57 AM

I don't know how to set or change this in Ant because I haven't used Ant enough yet, but judging from years of experience with ftp, and with firewalls, before either Ant or Java existed, it could be a "passive" vs "active" connection problem?



See the man page for the "ftp" command line client, for instance, re the "-p" command line option and the "PASV" command. If Ant does not already have a way to set this yet, I'd be surprised.



I have seen other situations with ftp clients behind firewalls, where the firewall will only allow passive (PASV)mode. In those situations, either both the ftp client needs a way to change the setting (the client needs to have a way to know to issue the "PASV" command to the remote server), and the remote server needs to support the "PASV" command, or else it (the combination, of that client and that server, through that firewall) just wouldn't work.



ftp actually uses 2 connections, one for control and another for data. Once a control connection is established, either the client or the server needs to initiate the second connection for the data, and that's the difference between "passive" and "active". From behind a firewall, you probably need to put the remote server into "passive" mode, so it will wait for your client to initiate the data connection, since the firewall probably won't let the server use "active" mode to initiate the data connection itself (which would have to come back in, from outside the firewall, hence is probably verboten, if your firewally is any good).

About | Sitemap | Contact