Re: reality check: passive FTP

On Tuesday 29 August 2006 11:36, Andrew Miehs wrote:
> Is this for real?! Or did you just want to send us a funny mail?
> >  23.311491  local -> remote TCP 38486 > 1455 [SYN] Seq=0 Ack=0
> > Win=5840 Len=0 MSS=1460 TSV=4672689 TSER=0 WS=7
> Whats up with this? Looks like local has a broken ftp client, or why
> is it trying to make a non passive connection?!

IIRC, that's a passive connection to the port (5*256+175) specified
in the preceding 227 response.  Regular/active FTP works by having
the server open a connection back to the client.

Looks like a firewall problem to me.  The question is where.  The
repeated SYNs suggest that the disputed packets are being dropped
rather than ICMP rejected.  Is there a TCP equivalent to tracepath?

--Mike Bird

