Bug 81895 - EPSV support sometimes breaks FTP service
EPSV support sometimes breaks FTP service
Product: Red Hat Linux
Classification: Retired
Component: wu-ftpd (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Thomas Woerner
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2003-01-14 19:03 EST by Jules Agee
Modified: 2007-04-18 12:49 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-01-27 11:53:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jules Agee 2003-01-14 19:03:30 EST
Description of problem:
EPSV and EPRT commands are now supported, (though they still don't show up on
the man page's list of supported commands) but there is no way to disable them
without also disabling the PASV and PORT commands. This "bug report" is really a
request for a feature: a configuration option to disable support for RFC2428.

Many FTP proxies and firewalls, including freebsd's ipfilter and Cisco's PIX
firewall, don't yet have support for the EPSV command. Some FTP clients
(FreeBSD's, for one) begin with an EPSV command and then fall back to the PASV
command if EPSV isn't supported by the FTP server. 

Unfortunately, if the client is going through a proxy or firewall that doesn't
support EPSV, the FTP server may give a positive response to the EPSV command,
but the firewall will block the client from connecting to the data transfer
port, resulting in broken FTP service. If I could get my FTP server to refuse
EPSV commands, the clients would fall back to using the PASV command which my
firewall understands.

Version-Release number of selected component (if applicable):
wu-ftpd 2.6.2-5
Comment 1 Thomas Woerner 2004-01-27 11:53:24 EST
Please use vsftpd instead. wu-ftpd is not maintained anymore.

Note You need to log in before you can comment on or make changes to this bug.