Hello everybody,
I went through the following threads: https://forums.comodo.com/help_for_v3/comodo_and_flashfxp-t26804.0.html;msg195142 (Comodo and FlashFXP?), https://forums.comodo.com/help_for_v2/comodo_firewall_work_with_servu_ftp_server-t15333.0.html (Comodo Firewall work with Serv-U FTP Server) and https://forums.comodo.com/help_for_v2/cfp_and_pasv_ftp_fix-t13775.0.html (CFP and PASV FTP fix).#
All with the same result: people keep talking about problems with certain FTP Servers/FTP clients. My problem is the following: When I connect to any site I cannot get past the LIST command. It just stops there. Comodo Firewall V3.5 does not report anything in the Events window and FlashFXP.exe is set to a trusted application.
When I disable Comodo Firewall, the FTP connection runs through smoothly without a glitch. I also tried Learning mode of Comodo Firewall.
For reference here an FTP Connection Log:
[L] Connecting to ftp.XXX.org -> DNS=ftp.XXX.org IP=XXX PORT=21
[L] Connected to ftp.XXX.org
[L] 220 FTP Server ready.
[L] USER XXX
[L] 331 Password required for XXX
[L] PASS (hidden)
[L] 230 User XXX logged in
[L] SYST
[L] 215 UNIX Type: L8
[L] REST 100
[L] 501 REST: Resuming transfers not allowed in ASCII mode
[L] This site may not allow file resuming
[L] CWD /
[L] 250 CWD command successful
[L] PWD
[L] 257 "/" is the current directory
[L] TYPE A
[L] 200 Type set to A
[L] Listening on PORT: 2516, Waiting for connection.
[L] PORT 192,168,1,2,9,212
[L] 200 PORT command successful
[L] LIST -al
... nothing
Any help appreciated, very weird behavior.
moontear
If training mode does not help, probably there already are some rules that blocks FTP connection. Can you check your firewall rules for svchost.exe?
Good Idea. There were some rules for svchost.exe (Allow all out, Block all in) so I deleted all rules for svchost.exe, deleted all rules for “System”, deleted all rules for explorer.exe and lsass.exe. As far as I am concerned, I deleted all system applications, all rules left are programs like Office, Dreamweaver etc.
still the same result. Also take note that when I try to connect no window pops up (safe mode) to learn some new rules about svchost.exe or any of the other things I deleted, meaning that these are not involved with this particular ftp transaction. As you can see from the log posted above there is no “blocking rule for FTP connection” as I can connect, just that at the LIST command the ftp connection stalls.
Another thing: tried to recreate what FlashFXP does with telnet, meaning I entered all commands (LIST, CWD, PORT…) you see in the log via telnet. Same result. telnet also stalls after the LIST command.
moon
Just one more idea: uncheck Firewall → advanced settings → Attack Detection settings → miscellaneous → Block fragmented IP datagrams
no, same result. and again: no related events recorded in the events window.
BUMP!
This issue has not yet been resolved. Further advice?
small update: it only happens on one of my sites. All others run through smoothly
You may have a rule on the “Global Rules” tab of “Network Security Policy” that interferes. What rules do you have there? It may be a Block rule there that prevents the process - possibly an ICMP message? You could try editing all the rules there by checking the “Log” checkbox for each to get a report on the “Events” page. That may reveal the event that is being blocked.