Outbound port on sockets
Diez B. Roggisch
deets at nospam.web.de
Thu Sep 14 11:42:42 EDT 2006
bmearns schrieb:
> Passive mode is implemented, the client isn't trying to use it.
> Besides, that doesn't really help me anyway, all it means is that I
> have to resolve port forwarding for the server, instead of for the
> client.
>
> I think what this basically comes down to is that either with PASV or
> PORT, there's a relatively arbitrary port number being specified, and I
> can't figure out how to get my router to forward it since I don't know
> what it will be in advance, short of forwarding all the 64 thousand
> some odd valid ports.
But you can restrict the numbers of ports the server will use to a
certain range! It's common for ftp to allow only for so many connections
at the same time, so reserve a port-range of 20 or so for your server
and configure the router to forward them.
> The thing that gets me is that I can connect to the other FTP servers,
> and (according to the responses echoed by the command line FTP client),
> they're using PORT, not PASV. So somehow, my client is specifying some
> arbitrary port for the server to connect to, and that port is actually
> being forwarded through my router.
No idea how that happens, but there are protocol aware fire walls.
Diez
More information about the Python-list
mailing list