Comic Genesis Forums

Somehow the past two days I'm totally unable to get into ftp here... I've tried CoffeeCup (the program I normally use), basic command-line ftp, and Internet Exploder ftp... nothing works. All three connect, let me log in, tell me I'm logged in fine, and then from the first two I get "425 Unable to build data connection: Operation timed out" and from exploder a whole list including that one. ANY help would be appreciated, because I've only got one more comic uploaded before I'm out... Thanks. ^^

Firewall/proxy is probably in the way... I can't check what the problem is right now

No worries, I understand. If anyone else has a suggestion I'd welcome it though.

I don't think it's a firewall problem, given that just a few days ago it was working fine, and it's worked fine from here since December 1st. The last time I can verify it worked is January 18 (Sunday) when I uploaded something. When I tried it yesterday (January 22), it didn't work, and again it doesn't work today.

I still need help on this issue. This is roughly what an ftp session here now looks like:
I seriously need some suggestions here, beyond "firewall/proxy." Thanks.

The server cannot connect to your machine to build a data socket. This means that something between you and the outside world is blocking or, more likely, not forwarding port 20.

Here is a basic internet setup:

Internet service provider } --- [dsl] --- [router] --- your system
[------------- Internet side ------------][-------- your network side ----]

The dsl box and the router box may actually be the same box if you've got a newer version. My parents have one of those.

Each of these positions has an IP address. Typically, the router has 2 IP addresses, one for the dsl side and one for your network side. This is where the problem comes in. A computer on the internet side can only see the ip address of the router. It can't actually see your computer. In fact, there may be a dozen computers behind the router. The Internet server wouldn't be able to tell.

Router:
[ Internet side ---- bridge ---- Network side ]
[ 208.212.148.155 ------------- 192.168.0.1 ]

Your router will have special software that will allow a connection request from your computer to reach a server on the internet. Any data traveling back from the server will reach your computer after passing over a bridge. The bridge knows which path to take because it remembers who made the initial request (your computer). When a connection request comes in, though, the bridge does not know what to do so it blocks the connection.

What you will need to do is to forward a port from the Internet side directly to your computer. Then any request coming in on port 20 would be passed on because you already told the bridge how to handle it.

Router:
[ Internet side ---- bridge ---- Network side ]
[ 208.212.148.155 ------------- 192.168.0.1 ]
[ port 20 request --------------> 192.168.0.15 ]

Note that this only works when your computer has a static IP address. If your computer obtains an address automatically then the bridge can only guess where to send the port 20 request.

Most routers have a web setup utility. You connect with a browser and log in. On some page or another you will see "Port Forwarding" You want the external port to be 20. The internal port to be 20 and the IP address to be the address of your computer.

This may or may not work. If could be your isp blocking port 20 for some reason (why they wouldn't block port 21 and prevent the connection altogether is beyond me). If so, complain.

Well... this is really sad. I should be able to figure that out, but the last time I had to do anything with the internet was about six years ago now so of course my knowledge is so rusty and outdated I can't work through it.

What's really sad about this is that I majored in Computer Science (tho I will admit I lost interest). At a school with no real internet classes. Their idea of an internet class was along the lines of "these computers are all connected so you don't have to worry about it." "Uh, excuse me, isn't that a little simplistic?" "Shut up, I'm the professor."

I did manage to get through enough to know that some of this might not be something I can do... tho I am admitting I'm lost and senile today, I am pretty sure that we don't have a router here. It's 56k (they CLAIM, I don't buy it) modem connection. I live in the middle of nowhere, it's as good as it gets. I emailed the isp and they don't know that anything's changed (I suppose it COULD happen), so I'm left at square one.

I do completely follow the logic of your post, I'm just not seeing where I can use it right now. As far as my pathetic brain can manage to follow it, all the routers are the domain of the isp, and so I really can't get in and tinker with that (unless I break in but let's not go there).

I appreciate the answer and the effort that went into it; I'll probably take some of this information and email it back to the isp to see if I can't make more progress. Either that or give up, move, and get highspeed and not worry about it anymore. Thanks.

moonshadow wrote:I still need help on this issue. This is roughly what an ftp session here now looks like:

Code: Select all

ftp> open redzone.keenspace.com
Connected to redzone.keenspace.com.
220 ProFTPD 1.2.9 Server (KeenSpace::YDK FTP Server) [ydk.keenspot.com]
User (redzone.keenspace.com:(none)): redzone
331 Password required for redzone.
Password:
230 User redzone logged in.
ftp> ls
200 PORT command successful
425 Unable to build data connection: Operation timed out
ftp> dir
200 PORT command successful
425 Unable to build data connection: Operation timed out
ftp> cd workspace
250 CWD command successful.
ftp> ls
200 PORT command successful
425 Unable to build data connection: Operation timed out

I seriously need some suggestions here, beyond "firewall/proxy." Thanks.

Try PASV mode, that only uses one port

Well, as kind of an addendum to my previous reply, I did in a moment of creativity attempt "use a proxy server for this connection," acquiring my (current) ip and seeing again if I could get in. Didn't get in but didn't destroy anything either (at least for now).

I'm not finding anything on this machine that would allow me to change modes in ftp. Mine may be different, may not, I won't know until I get the initiative to turn it on. I will look into that suggestion further, though, and possibly see if there's anything I can do in the ftp client itself that might let me in.

Windows command line ftp doesn't have a passive mode. At least I can't find one. (no mode or passive command available in Windows 2000) You can enable passive mode in linux command line ftp by typing "passive" like Kisai said. Linux ftp is FAR more complete than the windows version.

Your only bet is to use Internet Explorer as an FTP client. It uses passive mode by default. A check over at tucows shows Pro_FTP has a passive mode. Most of the ftp clients I've looked at don't list enough information to say.

Well, I tried IE and that wouldn't let me in either, but here on my own computer (which uses Coffeecup free ftp), I am able to enable passive mode and get in. Finally. It's a big relief. Thanks everyone for the help!

That's strange. I thought IE used passive FTP. I guess not.

Just for my peace of mind:

Other than the number of ports, what is the difference between Passive and non-passive FTP? Is there a special putpose for them being different?

PASV or "Passive" mode is what lets you sit behind a firewall and still use FTP.

PASV puts the data and control sessions on the same port/connection.

Non-PASV mode has separate data and control sessions (two connections)

One connection is that little text interface
the other is when you see it do PORT (bunch of numbers)

There is a trick in FTP where you can actually ftp to one site, and have that site send the files to a third site, (known in the piracy world as FXP... how it started) FXP was ripped out of a remote control desktop application and then people reverse engineered it so they can do their on FXP sessions. Of course... you could always do this in unix if you knew how to manipulate the ftp client.

This works differently from HTTP, where the data is always sent on the same connection, though many web clients open multiple connections.

At any rate, if you do PASV mode, it should work, and be more stable if you have a proxy or firewall.