I’m reasonably new to Comodo Firewall after migrating from another solution, but must say it looks good especially given its free status.
I am however having a problem sending files via FTP to a server when the firewall is enabled. I use WS_FTP Pro 2007 to send either JPG or ZIP from my desktop files to a remote server and if the firewall is enabled, the JPG becomes blank and extracting the zip file causes a BAD ZIP FILE message. If I disable the firewall then everything works OK.
This only seems to happen with outgoing traffic. If I FTP the same files from the server to my desktop (through Terminal Services on the server) then everything works ok.
It doesn’t seem to be a WS_FTP problem as the files also get corrupted if I use command line ftp.exe. The controlling factor seems to be the custom/allow-all status of Comodo firewall.
Has anyone else experienced this, or have any suggestions?
Yes, one of the first things I tried. Setting the transfer rate to ASCII does have the same effect even when the firewall is turned off - but it’s definitely set to Binary in WS_FTP and using the ‘bin’ command in ftp.exe.
I must admit that I’m very surprised by this (the possibility that CPF is corrupting outbound FTP binary transfers) & I don’t really have any ideas either. But, if it’s OK with you, I would like to ask a couple of questions…
Can you send ACSII files without corruption?
Are there any corresponding messages in either CPFs log or Windows Event Logs?
Can you try to send a binary file by another FTP Client (ie. Windows FTP.EXE)?
Thanks for your replies and suggestions. Here’s the results…
Firewall ON
WS_FTP sending ASCII text file completes but results in empty file at target
WS_FTP sending Binary JPG/ZIP completes but extracting the zip file fails with ‘error in file #1 bad zip file offset (error bad header signature not found)’ and the jpg says ‘no preview available’
Firewall ON and using Windows ftp.exe
All file types (Ascii/Bin) transfer as 0 bytes
Firewall OFF or CHECKING the ‘Skip advanced security checks’ for WS_FTP
All transfers work ok.
So it looks like the ‘Skip Advanced Security Checks’ option will make things work, but doesn’t explain why the problem is occurring.
Yesterday I transferred some files and updated my web pages using FrontPage 2000 (yeah OK, I know) and a user reported corrupt files (Word doc that Word didn’t recognise). Never happened before and this was the first time I’ve transferred files out via FTP since installing CPF. FTP transfers in have always been OK.
I sorted it out with other FTP transfer programs and they seem OK. I haven’t got to the bottom of it yet, maybe a glitch, or coincidence, or…
I’ve tested a file transfer using FrontPage but it appears to work now although it’s not quite the same process as yesterday. Probably just one of those glitches that happen from time to time. The alarms rang in my head though after reading about Craig’s problem.
They you can enable them step by step to see if they are the guilty.
If nothing works,
Try to disable network monitor and retry to see if network monitor is guilty.
Then Disable application monitor and retry to see if it is guilty but make sure network monitor is ON while doing so.
Please follow my directions exactly and let us know about the results.
It worked and i have allow all activities in application monitor for my ftp-program (LeapFTP), and i unchecked “allow invisible…” and skip advanced…"
In Security->Advanced->Advanced attack detection & prevenetion->Miscellaneous, i have “block fragmented…” and " do protocol…" enabled.
Note: PASSED = files transferred successfully
FAILED = files transferred ok but bad zip file, no jpg preview and empty text file
Test 1 - FAILED
Skip Advanced Security Check = OFF
Network Monitor = ON
App Monitor = ON
Block fragmented IP datagrams = ON [default]
Do Protocol Analysis = ON [default]
Do checksum packet verification = OFF [default]
Test 2 - FAILED
Skip Advanced Security Check = OFF
Network Monitor = ON
App Monitor = ON
Block fragmented IP datagrams = OFF
Do Protocol Analysis = OFF
Do checksum packet verification = OFF [default]
Test 3 - FAILED
Skip Advanced Security Check = OFF
Network Monitor = OFF
App Monitor = ON
Block fragmented IP datagrams = OFF
Do Protocol Analysis = OFF
Do checksum packet verification = OFF [default]
Test 4 - PASSED
Skip Advanced Security Check = OFF
Network Monitor = ON
App Monitor = OFF
Block fragmented IP datagrams = OFF
Do Protocol Analysis = OFF
Do checksum packet verification = OFF [default]
So it looks like it’s something in the application monitor which is causing the problem.
Let me know if there’s anything further I can test
The rule is in the list twice, one for In and one for Out. The entries were added automatically when prompted when the app was first run.
Here’s the settings for In
G:\Program Files\WS_FTP Pro\wsftpgui.exe with Specify a Parent set to G:\WINDOWS\explorer.exe
General: Allow TCP or UDP IN
Dest IP: Any
Dest Port: Any
Misc: All disabled
and for OUT
G:\Program Files\WS_FTP Pro\wsftpgui.exe with Specify a Parent set to G:\WINDOWS\explorer.exe
General: Allow TCP or UDP OUT
Dest IP: Any
Dest Port: Any
Misc: All disabled
Are you still working on this, or is it supposed to be fixed? I found out that if I send a file that has less than 8KB (8192B), the data doesn’t get transferred at all (using Total Commander 6.53 and CPF 2.3.6.81) - there’s just an empty file on the FTP server. Having a file of 8193B or more seems to work OK. The weird thing is that when using the FTP client from FAR manager, the file seems to be stored correctly too (I wonder what FAR does differently).
Have you tried LeapFTP? It works without problems for me.
I have “allow invisibe…” and “skip advanced…” checked in Application monitor.
I use Auto in LeapFTP, and it works great. http://www.leapware.com/
Skip advanced… does the trick for Total Commander too, I forgot to mention that. But it should be possible to use FTP without having to do that - I just wanted to know if it’s still being looked at by the developers.
Hi,
same problem here with FileZilla 2.2.28 and Comodo Firewall 2.3.6.81.
Files seem to be transferred to the server, but they have 0 bytes at the end.
Except large files, they are okay.
Filezilla rules: tcp/udp in/out allowed
Network Monitor on/off: doesn´t work
Application Monitor on: doesn´t work
Application Monitor off: works!
Advanced Attack Detection and Prevention - Miscellaneous:
Block fragmented IP datagramms on/off - doesn´t work
Do protocol analysis on/off - doesn´t work
(other entries are disabled)
If this can´t be solved, i have to uninstall it. I don´t want to change my ftp software.