# 'ls' in FTP error on G5 under 10.2.7



## jrod7350 (Sep 29, 2003)

here's a capture from my ftp session:

ftp> cd Desktop
250 CWD command successful.
ftp> ls
229 Entering Extended Passive Mode (|||50914|)
500 Illegal EPRT command rejected
200 PORT command successful.

421 Service not available, remote server timed out. Connection closed

It gets stuck at the 229 forever, and then finally gives me the error 500.  What's happening?  Thanks.


----------



## profx (Sep 29, 2003)

this is a problem with win nt ftp server, i have the same problem all the time with my university server


```
Connected to host.domain
220 Microsoft FTP Service
Name (host.domain:profx): domain\user
331 Password required for domain\user.
Password:
230 User domain\user logged in.
Remote system type is Windows_NT.
ftp> ls
500 'EPSV': command not understood
227 Entering Passive Mode (nah...,9,155).
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
^C
receive aborted. Waiting for remote to finish abort.
^C
remote abort aborted; closing connection.
ftp>
```
the ^C is from command+period.  It hung there for about 5 mins

it just sits there for ever.  Bah.  Even interarchy can't get in, nor the finder, but win '98 running on Virtual PC can.  Windows_NT server just wont let any client but a windows client list/download. 

The help command still works, but cant do anything useful. Can create and delete directory, but can't transfer files/listings

Anyone have a solution for this?


----------



## rhg (Sep 29, 2003)

The new FTP client now supports FTP Extended Passive Mode which has been invented to be able to deal with IPV6 networks.

If you are interested:
http://www.networksorcery.com/enp/protocol/ftp.htm
http://www.networksorcery.com/enp/rfc/rfc2428.txt

Reading the error messages you encounter, I suspect that the firewall is not yet able to handle this correctly. Try to deactivate the firewall and see if this solves the problem.


----------



## jrod7350 (Sep 29, 2003)

I'm not on a firewall, instead I'm behind a router that has IP forwarding.  I can't turn the router off, so if that's the problem, I'll need another solution.


----------



## rhg (Sep 30, 2003)

Mac OS X has a built-in firewall, this is what I mean. Check if it is activated or not.


----------



## davidbrit2 (Oct 1, 2003)

Try active ftp. Start up the ftp client, connect to the server, and use the command "passive." That will make your client connect to the server on port 20, rather than having the server connect back to you with the data connection. Passive ftp behind a firewall is a pain in the ass. Take it from someone that just had to enable it on Linux with iptables. ;-)


----------



## kilowatt (Oct 3, 2003)

davidbrit2 hit the nail on the head. 

FTP is a major bitch these days. While it can be made easier, there's always some cavet.

I guess this is why so many downloads are http now.


----------



## davidbrit2 (Oct 3, 2003)

Yeah, ftp is great for what it is, but the whole idea of passive clients just doesn't work with modern security. Frankly I think active mode should be made the default for anything outside the subnet. Maybe I'll have to do a little source code hacking. ;-)


----------

