Hi! I’ve been using the firewall for quite a while and like it a lot but recently I ran into a problem running my ftp server. I’ve had it running with comodo firewall before successfully, but for some reason it’s now giving me problems with passive mode specifically.
When entering passive mode, the client simply receives the wrong port. The port number information gets corrupted by comodo firewall for some reason. For example, the server sent the port number (136, 197) = 35013 after the client’s PASV request (my allowed port range is 35000-36000), and the client received the port number (19,137) = 5001. The client’s attempt at opening a data connection to port 5001 on the server fails of course.
I turned off the firewall temporarily, and the problem disappeared, so obviously the firewall is corrupting the port number (consistently, I might add.) Anyone have any clue how to solve this?
I wish it was, but my windows firewall has been disabled the whole time. I’ve also rebooted multiple times while having the windows firewall disabled so I truly doubt it is that. And yes I did check and double and triple check it.
Edit: For clarity’s sake, I have not had windows firewall enabled at any circumstance, at any point except for the first few seconds that it took me to turn it off after OS installation.
Some firewalls, including Windows Firewall, do change the FTP PORT command while FTPing. CPF does not touch this. I have seen Windows Firewall doing so. Do you have any other port forwarding, firewall installed?
It seems you may have misunderstood - no PORT command is issued, as the problem lies in using passive mode. The client sends a simple PASV request and the server returns with a 227 Entering Passive Mode message. Active mode, where the client issues a PORT command to define which port it wants the ftp server to connect to, works without a hitch.
Nevertheless, I do not have any other port forwarding firewall installed either. My physical connection also runs straight through a dumb hub to a dsl modem (my ISP offers 5 unique IP addresses per connection which is why I have it set up this way.)
And if I may reiterate, the problem disappears when I set CPF’s Computer Security Level to Allow All from the main slider, which is, of course, not a solution. This is what initially caused me to believe (and still does) that the problem exists within CPF.
I see. For passive mode, CPF does not do anything at all. I recommend activating “Create an alert when this rule is fired” for all rules (including allow) and retry. Then please please export your CPF logs and if possible, attach a packet sniffer dump for me to see.
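
An added example, not part of the original thread: once the 227 reply has been captured on both the server side and the client side, this Python sketch decodes each one (port = p1*256 + p2) and reports whether something on the path rewrote it. The host address 192.0.2.10 and the function names are assumptions made for illustration; the port fields and the 35000-36000 range are the ones quoted in the thread.

```python
import re

# A 227 reply carries h1,h2,h3,h4,p1,p2; the data port is p1*256 + p2.
PASV_FIELDS = re.compile(r"(\d{1,3}(?:,\d{1,3}){5})")

def parse_pasv(line):
    """Return (host, port) from a 227 reply, or None if it is not one."""
    line = line.strip()
    if not line.startswith("227"):
        return None
    m = PASV_FIELDS.search(line[3:])
    if not m:
        return None
    fields = [int(x) for x in m.group(1).split(",")]
    if any(f > 255 for f in fields):
        return None
    return ".".join(str(f) for f in fields[:4]), fields[4] * 256 + fields[5]

def compare_pasv(server_line, client_line, low, high):
    """Compare the reply as sent by the server with the one the client saw."""
    sent, seen = parse_pasv(server_line), parse_pasv(client_line)
    if sent is None or seen is None:
        raise ValueError("both lines must be 227 replies")
    return {
        "sent_port": sent[1],
        "received_port": seen[1],
        "host_rewritten": sent[0] != seen[0],
        "port_rewritten": sent[1] != seen[1],
        "received_in_range": low <= seen[1] <= high,
    }

# Constructed sample lines: host is a documentation address (assumption),
# port fields are the ones reported in the thread.
SERVER_SIDE = "227 Entering Passive Mode (192,0,2,10,136,197)"
CLIENT_SIDE = "227 Entering Passive Mode (192,0,2,10,19,137)"

if __name__ == "__main__":
    for key, value in compare_pasv(SERVER_SIDE, CLIENT_SIDE, 35000, 36000).items():
        print(f"{key}: {value}")
```

A mismatch between the two captures, with the received port outside the server's configured passive range, points at an intermediary rewriting the control channel rather than at the FTP server's configuration.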