Reputation: 19
I have to switch the transfer mode of pure-ftpd from regular FTP to FTP with TLS. So I've switched the config flag TLS to 2 (only TLS, no regular FTP).
The connection and the transfer of files is working fine with FileZilla.
Now I have a Perl script which is getting some files from the server using Net::FTP.
This is the main functionality:
    use Net::FTP;

    # Plain (unencrypted) FTP session
    $ftp = Net::FTP->new("[SERVERNAME]", Debug => 1)
        or die "Cannot connect to [SERVERNAME]: $@";
    $ftp->login("[USER]",'[PASSWORD]')
        or die "Cannot login ", $ftp->message;
    $ftp->cwd("/")
        or die "Cannot change working directory ", $ftp->message;
    # List the directory, then fetch one file
    $ftp->dir("/")
        or die "dir failed ", $ftp->message;
    $ftp->get("somefile.txt")
        or die "get failed ", $ftp->message;
    $ftp->quit;
To rebuild the GET functionality, I'm trying to use the CPAN module Net::FTPSSL with the following script snippet:
    use Net::FTPSSL;

    # Explicit FTPS: connect on port 21, then upgrade with AUTH TLS
    my $ftps = Net::FTPSSL->new('[SERVERNAME]',
            Port       => 21,
            Encryption => EXP_CRYPT,
            Croak      => 1,
            Trace      => 1,
            Debug      => 2
        )
        or die "Can't open [SERVERNAME]\n$Net::FTPSSL::ERRSTR";
    $ftps->login('[USER]', '[PASSWORD]')
        or die "Can't login: ", $ftps->last_message();
    $ftps->cwd("/anyfolder") or die "Can't change directory: " . $ftps->last_message();
    # Sends a raw PASV command to the server
    $ftps->quot("PASV");
    $ftps->nlst() or die "Error: " . $ftps->last_message();
    $ftps->list("/anyfolder") or die "Can't list directory: " . $ftps->last_message();
    $ftps->binary() or die "Can't set binary mode: " . $ftps->last_message();
    $ftps->put("anyfile.txt") or die "Can't put file: " . $ftps->last_message();
    $ftps->get("anyfile.txt") or die "Can't get file: " . $ftps->last_message();
    $ftps->quit();
This script is running fine through the authentication process. When it comes to a file transfer, it stops until the regular timeout is reached.
The debug output of the script looks like this:
    SKT <<< 220-Welcome to Pure-FTPd.
    SKT <<< 220-You are user number 1 of 100 allowed.
    SKT <<< 220-This is a private system - No anonymous login
    SKT <<< 220-IPv6 connections are also welcome on this server.
    SKT <<< 220 You will be disconnected after 15 minutes of inactivity.
    SKT >>> AUTH TLS
    SKT <<< 234 AUTH TLS OK.
    USER +++++++
    <<< 331 User <++++++> OK. Password required
    PASS *
    <<< 230-User <++++++> has group access to: 100
    <<< 230-This server supports FXP transfers
    <<< 230 OK. Current directory is /
    CWD /rollout
    <<< 250 OK. Current directory is /anyfolder
    PASV
    <<< 227 Entering Passive Mode (...,27,254)
    PBSZ 0
    <<< 200 PBSZ=0
    PROT P
    <<< 200 Data protection level set to "private"
    PASV
    <<< 227 Entering Passive Mode (...,145,153)
    --- Host (...) Port (37273)
    NLST
So it's possible to connect with the server using FileZilla, but it is not possible to connect to the server and transfer files using the script.
I know it is most likely not a big thing, but I'm currently not able to find the error.
Upvotes: 1
Views: 3826
Reputation: 1
$ftps->quot("PASV");
quot sends the text to the server for functions that do not exist in Net::FTPSSL.
PASV changes the way the server works, but because of "quot", the client doesn't care.
If you want PASV to work, you have to create a new command in Net::FTPSSL.
This new command has to:
Net::FTPSSL uses a library for the DATA connection that only works in client mode.
Upvotes: 0
Reputation: 11
So, you already said that you tried OverridePASV and this didn't work. Usually, this is the obvious fix, since several FTP servers incorrectly return their IP address in the answer to the PASV command. If they are behind a firewall, etc., their outward-facing IP address is not the one that they return.
Since you are talking to the server from the WAN, not its internal LAN, setting up the PASV connection to the IP address it gives you just hangs. When you use OverridePASV, you can force the passive connection to use the WAN IP address (i.e. the address that you used to connect to it).
Given that OverridePASV didn't work, the problem is more likely that your FTP server is behind a firewall that doesn't allow the passive connection to complete (i.e. the port that the FTP server sets up doesn't get port-forwarded from the WAN) or the FTP server doesn't support passive. Net::FTPSSL only does passive (leastwise the version of the code that I'm looking at, marked 0.31). If the FTP server that you're talking to doesn't support PASV or you can't get through to the passive port, the connection will often hang until it times out. It is probable that FileZilla is using PORT instead of PASV, which is why it works.
Upvotes: 0
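The PASV address problem described in the answer above, as an added example that is not part of the original thread and not Net::FTPSSL's own code: it parses a 227 reply, computes the data port (p1 * 256 + p2, which for the 145,153 in the question's log gives the 37273 shown there), and falls back to the control-connection address when the server advertises a private one, which is the effect OverridePASV is used for. The helper names and the IP addresses (documentation ranges) are constructed for illustration.

```perl
use strict;
use warnings;

# Hypothetical helpers for illustration; not part of Net::FTPSSL.

# Parse "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)".
# Returns (ip, port), or an empty list when the reply is malformed.
sub parse_pasv {
    my ($reply) = @_;
    my @n = $reply =~ /^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)/
        or return;
    return if grep { $_ > 255 } @n;
    return (join('.', @n[0 .. 3]), $n[4] * 256 + $n[5]);
}

# True for RFC 1918, loopback and link-local IPv4 addresses, which a
# client on the WAN side of a NAT/firewall cannot reach.
sub is_private {
    my ($ip) = @_;
    return $ip =~ /^(?:10\.|127\.|169\.254\.|192\.168\.|172\.(?:1[6-9]|2\d|3[01])\.)/ ? 1 : 0;
}

# Choose the data-connection endpoint. $control_host is the address the
# control connection was opened to (the value one would pass as OverridePASV).
sub data_endpoint {
    my ($reply, $control_host) = @_;
    my ($ip, $port) = parse_pasv($reply) or return;
    my $rewrite = ($ip ne $control_host && is_private($ip) && !is_private($control_host)) ? 1 : 0;
    return {
        advertised => $ip,
        port       => $port,
        connect_to => $rewrite ? $control_host : $ip,
        rewritten  => $rewrite,
    };
}

# Constructed sample replies; port bytes are taken from the question's log.
my $control_host = '203.0.113.10';    # constructed (TEST-NET-3)
for my $reply (
    '227 Entering Passive Mode (192,168,1,20,145,153)',    # server behind NAT
    '227 Entering Passive Mode (203,0,113,10,27,254)',     # address matches
    '227 Entering Passive Mode (...,145,153)',             # elided as on the page
) {
    my $ep = data_endpoint($reply, $control_host);
    if (!$ep) { print "unparsable: $reply\n"; next; }
    printf "advertised %s:%d -> connect to %s:%d%s\n",
        $ep->{advertised}, $ep->{port}, $ep->{connect_to}, $ep->{port},
        $ep->{rewritten} ? ' (address overridden)' : '';
}
```

If the rewritten endpoint still times out, the address was not the problem and the passive port itself is being blocked, which is the firewall case the answer goes on to describe.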
Reputation: 968
I had a similar problem switching from Net::FTP to Net::FTPSSL, and I found that passing the OverridePASV parameter with the same remote address fixed it.
Upvotes: 0