Bug 81895

Summary: EPSV support sometimes breaks FTP service
Product: [Retired] Red Hat Linux Reporter: Jules Agee <agee>
Component: wu-ftpdAssignee: Thomas Woerner <twoerner>
Status: CLOSED WONTFIX QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-01-27 16:53:24 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jules Agee 2003-01-15 00:03:30 UTC
Description of problem:
EPSV and EPRT commands are now supported, (though they still don't show up on
the man page's list of supported commands) but there is no way to disable them
without also disabling the PASV and PORT commands. This "bug report" is really a
request for a feature: a configuration option to disable support for RFC2428.

Many FTP proxies and firewalls, including freebsd's ipfilter and Cisco's PIX
firewall, don't yet have support for the EPSV command. Some FTP clients
(FreeBSD's, for one) begin with an EPSV command and then fall back to the PASV
command if EPSV isn't supported by the FTP server. 

Unfortunately, if the client is going through a proxy or firewall that doesn't
support EPSV, the FTP server may give a positive response to the EPSV command,
but the firewall will block the client from connecting to the data transfer
port, resulting in broken FTP service. If I could get my FTP server to refuse
EPSV commands, the clients would fall back to using the PASV command which my
firewall understands.

Version-Release number of selected component (if applicable):
wu-ftpd 2.6.2-5

Comment 1 Thomas Woerner 2004-01-27 16:53:24 UTC
Please use vsftpd instead. wu-ftpd is not maintained anymore.