Why am I getting "ILLEGAL PORT COMMAND" messages?


Post by Martijn S. Herbe » Tue, 06 Jul 1999 04:00:00



Hello,

I suppose this is somewhat of a newbie question, but it sure beats me.

I am trying to download some files from the Dutch FreeBSD
mirror--ftp.nl.freebsd.org
I fire up ncftp and go to ftp.nl.freebsd.org.

I log on as "ftp" with my email address as passwd, then go to the
3.2-RELEASE directory.

I do "ls" to see what's there. Works fine. Then I try "get" to get the
file I want and I am told that was an "Illegal port command".

I try another "ls" to see if maybe I mis-typed the filename (that
wouldn't give an "illegal port command" but hey, I didn't know what was
going on). Again, I get an "illegal port command". What the ... ?

So I logout, then reconnect to the ftp server. I do an ls in the /
directory. Works fine. I do another ls. It says again "Illegal port
command". I experiment some more: whatever command I give which returns
output to me i.e, "ls", "get", "mget" etc. works fine *once*, then the
second time it gives me an "illegal port command".

It doesn't matter which of those commands I use. I can also still type
"cd" and "pwd" every time, but no longer "ls", "get" or "mget" after
having used either of them *once*.

I have the same problem when I use the vanilla "ftp" program, and when I
try a master site like ftp.cdrom.com

I'm running release 3.1 on a pentium 200, and work from a LAN connected
to the internet via a dial-up line.

What is going on here? Can anyone tell me *why* I get "illegal port
command" messages for commands which are obviously very *legal* ?

This is driving me pretty crazy...  Thanks for any help you can give...

Martijn Herber

 
 
 


Post by Chad O Hulber » Tue, 06 Jul 1999 04:00:00



> Hello,

> I suppose this is somewhat of a newbie question, but it sure beats me.

> I am trying to download some files from the dutch freebsd
> mirror--ftp.nl.freebsd.org
> I fire up ncftp and go to ftp.nl.freebsd.org.

> I log on as "ftp" with my email address as passwd, then go to the
> 3.2-RELEASE directory.

    If you're logging in manually, use `anonymous' as your username.

--

"Speed is subsittute fo accurancy."

 
 
 


Post by Martijn S. Herbe » Tue, 06 Jul 1999 04:00:00



>     If you're logging in manually, use `anonymous' as your username.

I tried that--it didn't work. Again--"ILLEGAL PORT COMMAND".

The funny thing is, programs like fetch work just fine... But they can't
get directories as a whole, so I can't use them for what I need...

> --

> "Speed is subsittute fo accurancy."

 
 
 


Post by Gregory Bon » Wed, 07 Jul 1999 04:00:00



>     If you're logging in manually, use `anonymous' as your username.

For ftp, the usernames "anonymous" and "ftp" are the same.

The original poster's problem sounds quite odd.  Is there a firewall
or proxy involved?

 
 
 


Post by Martijn S. Herbe » Wed, 07 Jul 1999 04:00:00


Hi all,


> The original poster's problem sounds quite odd.  Is there a firewall or
> proxy involved?

AFAIK, no, there isn't. It's a very simple network: a company LAN
connected to an ISP via a dial-up line, with
a Cisco gateway/router handling connection between LAN and ISP.  No
firewalls, no proxies. Maybe the ISP has some kind of firewall, but I
doubt they'd do anything like disallow FTPing. Besides, fetch works fine.

This is really *y annoying!

Thanks for any help--even if it doesn't ;-)

Martijn Herber

 
 
 


Post by Scott Klemen » Thu, 08 Jul 1999 04:00:00


Hmmm... not sure if this will help you, but perhaps I can shed some light
on what the message "Illegal port command" means.

When you connect and do an "ls" or "get" command, your FTP client sets up
a port on your local machine to receive the information that the server
will send to it.  It opens a port and starts listening for a TCP
connection to that port.  When FTP works correctly, the server will send
all of the requested data to that port, and then the client will close it.

In order to tell the server which port it wants the data delivered to, the
FTP client sends the server a "PORT" command.  This command tells the
server what IP address and port to make a connection to, in order to
transfer your data.

Each time you do a different "ls" or "get" command, it sends a new PORT
command, and probably connects to a different port.

It's possible that your company's LAN is running a firewall or proxy that
is blocking the port that your copy of ncftp is trying to tell the server
to send to.  It's also possible that there is a bug in your copy of ncftp
(though that seems a bit unlikely, IMHO).

In any case, there's something wrong with the IP address and port that
your client is telling the server to connect with.

One possible workaround would be to try using passive mode on your FTP
transfers...  In this mode, the client makes the connection to the server,
rather than vice-versa.  It might also be useful to try a different FTP
client, or perhaps use a "debug" mode that'll show the PORT command that's
being sent.  Then you could check your firewall settings to see if it's
being blocked or not...

HTH




 
 
 

1. FTP problems "Illegal PORT command" and "Illegal seek"

I've seen this question come up lots and lots of times, but no one ever
seems to follow up with an answer.  Here it is.

The problem is a bug in wu-ftpd.  It's not Linux-specific, either, as far
as I can tell.

wu-ftpd is too aggressive about rejecting PORT assignments to IP addresses
that don't match the one that issued the request.  When one attempts to
do a data transfer (directory listing or file transfer) to a host running
wu-ftp from a host whose IP is masqueraded somehow, wu-ftpd says no and
echoes an error.

If you are:

1) Behind a security firewall of some sort
2) Using a proxy FTP server
3) Using SOCKS
4) Using ssh port redirection
5) Using slirp port redirection
6) Redirecting ports in any way, shape or form
7) Using some sort of IP address rewriting or masquerading

you're affected.  Because there are a heck of a lot of people who fall into
one of the above categories, I'd say this is a pretty serious bug in
wu-ftpd, especially given its popularity.

Interestingly, there have been cases where I've been able to use a wu-ftpd
server from behind my masqueraded dialup, but >95% of the time I can't.
Nevertheless I am confident that the bug is in wu-ftpd, because I've *only*
seen this behavior when connecting to wu-ftpd servers, and *only* when
doing so from behind a masqueraded IP connection.

Thanks to Donovan Kolbly for diagnosing this problem.

See <http://www.chiark.greenend.org.uk/debian/Bugs/db/13/13178.html> for his
analysis.

Now let's get on to the authors of wu-ftpd to fix this problem.  It could
either be patched to work better, or this checking could simply be
disabled.  There are far more legitimate users in the above seven
categories than crackers.

Permission is hereby granted to forward/crosspost this article anywhere it
may do some good.  I'd desperately like to see this bug fixed.

--
 "The errors of great men are venerable because they  | G. Branden Robinson
  are more fruitful than the truths of little men."   | Purdue University
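
The check described in the two posts above, as an added example that is not part of the original thread and is not wu-ftpd's code: it decodes a PORT argument and compares the address to the control connection's peer, which is why a masqueraded client that announces its private address gets refused. The function names, the reply wording other than "Illegal PORT command", and all addresses are constructed for illustration.

```python
import ipaddress

def parse_port_arg(arg):
    """Decode the PORT argument 'h1,h2,h3,h4,p1,p2' into (IPv4Address, port)."""
    parts = arg.strip().split(",")
    if len(parts) != 6:
        raise ValueError("PORT needs six comma-separated fields")
    nums = []
    for p in parts:
        if not (p.isascii() and p.isdigit()) or int(p) > 255:
            raise ValueError("each field must be a decimal byte (0-255)")
        nums.append(int(p))
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]   # high byte first, then low byte
    return ip, port

def check_port_command(line, control_peer):
    """Reply a strict server gives when the PORT address must equal the
    source address it sees on the control connection (hypothetical helper)."""
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        return "500 Command not understood"
    try:
        ip, _port = parse_port_arg(arg)
    except ValueError:
        return "501 Syntax error in PORT argument"
    if ip != ipaddress.IPv4Address(control_peer):
        # The announced address is not the one the server is talking to:
        # the situation behind NAT, masquerading, SOCKS or port redirection.
        return "500 Illegal PORT command"
    return "200 PORT command successful"

# Constructed scenario: LAN client 192.168.1.10 behind a router whose
# public address is 203.0.113.7 (documentation range).
SEEN_BY_SERVER = "203.0.113.7"
UNTRANSLATED = "PORT 192,168,1,10,4,210"   # client announces its private IP
TRANSLATED = "PORT 203,0,113,7,4,210"      # gateway rewrote the argument

if __name__ == "__main__":
    for cmd in (UNTRANSLATED, TRANSLATED):
        print(cmd, "->", check_port_command(cmd, SEEN_BY_SERVER))
```

Passive mode avoids the check entirely because the client never sends PORT; it opens the data connection to the server itself.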
