Bug 4345 - [PATCH]: Active FTP mode for RPM.
Summary: [PATCH]: Active FTP mode for RPM.
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: rpm
Version: 7.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Paul Nasrat
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-08-04 08:24 UTC by Pekka Savola
Modified: 2007-04-18 16:23 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-09-29 14:54:10 UTC


Attachments (Terms of Use)
Preliminary patch for RPM-4.0. (3.48 KB, patch)
2000-07-04 10:22 UTC, Pekka Savola
no flags Details | Diff

Description Pekka Savola 1999-08-04 08:24:01 UTC
Actually this is more of a suggestion than bug but here it
comes..

RPM seens to always use passive FTP.  There are some
firewall implementations (we have one; I think it's based on
tis fwtk proxy package on freebsd) where passive FTP does
_NOT_ work with otherwise correct ftp proxy settings -
active mode is required.  This might be the case with other
proxy-firewalls too.

I'd like to see an option like --ftp-active or something
done.  As it is, we can't do Redhat FTP installs or
updates w/ RPM now.

Comment 1 Pekka Savola 2000-07-04 10:22:36 UTC
Created attachment 858 [details]
Preliminary patch for RPM-4.0.

Comment 2 Pekka Savola 2000-07-15 20:00:54 UTC
Some more rationale:

 - TIS FWTK can't cope with passive FTP (if you get it to work, please
tell me how ;) -- this is probably a problem with many other real proxy
firewalls with DMZ's too.
 - Some Stateful firewalls can create dynamic access lists for active
mode, but don't support passive (and thus active mode is more secure)
 - Some FTP servers have passive FTP mode disabled (usually tied to below)
 - Some FTP servers are behind a restrictive packet filtering firewall
which allows only active FTP (this can create a situation where client
firewall/program only allows one mode, the server firewall the other).



Comment 3 Paul Nasrat 2005-09-29 14:54:10 UTC
This feature request is not being considered for current RPM development, users
are encouraged to use dependency solvers which have better handling of remote
package fetching than rpm cli.

To petition this feature into upstream rpm please use the rpm-devel list:

https://lists.dulug.duke.edu/mailman/listinfo/rpm-devel


Note You need to log in before you can comment on or make changes to this bug.