CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Perl Programming Help: Beginner:
Secure FTP in Explicit mode - 2

 



ogit2
Novice

Sep 28, 2017, 7:07 AM

Post #1 of 2 (705 views)
Secure FTP in Explicit mode - 2 Can't Post

Hi

Created new post as existing post

Quote
http://www.perlguru.com/gforum.cgi?post=84293;sb=post_latest_reply;so=ASC;forum_view=forum_view_collapsed;;page=unread#unread

will not update.

HISTORY - Prev. References

Quote
We need to use secure FTP in Explicit mode and ideally would like to do this within Perl. We are currently using use Net::FTP but this option will no longer be available to us as provider is going to switch us off.

We are using ActiveState and have successfully installed the Net::SFTP::Foreign and Net::FTPSSL modules using CPAN. Net::SFTP and Net::SSH2 will not install. Net::FTPSSL seems to be promising and have made some progress - see below. A working example would be really appreciated.


We have made some progress but still not over the hurdle. We are now getting exactly the same error as per quote below. What IP should we be entering in the override IP address (our local machine IP, our gateway IP, our corporate IP) as we don't quite understand what the quote below means. We have entered the published IP address and get the following error when we try to put the file. We have tried their FTP IP and still get the same error. Our local IP address gets a refused connection. We are on a WAN with a managed firewall.

ERROR

Quote
>>> CWD /PWImages/InReq
<<< 250 CWD command successful.
>>> PASV
<<< 227 Entering Passive Mode (172,24,16,207,196,222).
>>> TYPE I
<<< 200 Type set to I.
>>> PBSZ 0
<<< 200 PBSZ command successful.
>>> PROT P
<<< 200 PROT command successful.
>>> PASV
<<< 227 Entering Passive Mode (172,24,16,207,195,233).
--- Overriding PASV IP Address 172.24.16.207 with xxx.xxx.xxx.xxx
--- Host (xxx.xxx.xxx.xxx) Port (50153)
connect: A connection attempt failed because the connected party did not properl
y respond after a period of time, or established connection failed because conne
cted host has failed to respond. at C:/Perl/lib/Net/SSLeay/Handle.pm line 229.

D:\Transoft\TRANSPORT IMPORT FILES\TRANSLATIONS>


QUOTE

Quote
So, you already said that you tried OverridePASV and this didn't work. Usually, this is the obvious fix, since several FTP servers incorrectly return their IP address in the answer to the PASV command. If they are behind a firewall, etc., their outward-facing IP address is not the one that they return.
Since you are talking to the server from the WAN, not it's internal LAN, setting up the PASV connection to the IP address it gives you just hangs. When you use OverridePASV, you can force the passive connection to use the WAN IP address (i.e. the address that you used to connect to it).
Given that OverridePASV didn't work, the problem is more likely that your FTP server is behind a firewall that doesn't allow the passive connection to complete (i.e. the port that the FTP server sets up doesn't get port-forwarded from the WAN) or the FTP server doesn't support passive. Net::FTPSSL only does passive (leastwise the version of the code that I'm looking at, marked 0.31). If the FTP server that you're talking to doesn't support PASV or you can't get through to the passive port, the connection will often hang until it times out. It is probable that FileZilla is using PORT instead of PASV, which is why it works.

Added - 29th September 2017
Host - ftp.host.net
Port 21
Will need to be in passive mode
You will need to make sure the file isnít locked by your TMS system when transferring.
Also make sure it is FTPS and not SFTP




Code
#!C:\Perl\bin\perl.exe 
use Net::FTPSSL;

my $ftp_site = 'ftpsite';
my $ftp_user = 'user';
my $ftp_password = 'password';
my $overideip = 'xxx.xxx.xxx.xxx';

my $ftps = Net::FTPSSL->new($ftp_site, Port => 21, Encryption => EXP_CRYPT, Croak => 1, Trace => 1, OverridePASV => "xxx.xxx.xxx.xxx", Debug => 2) or die "Can't open [SERVERNAME]\n$Net::FTPSSL::ERRSTR";
$ftps->login($ftp_user, $ftp_password) or die "Can't login: ";
$ftps->cwd("/Images") or die "Can't change directory: ";
$ftps->quot("PASV");
$ftps->binary() or die "Can't change directory: ";
$ftps->put("test.tif") or die "Can't get file: ";
$ftps->quit();



(This post was edited by ogit2 on Sep 29, 2017, 9:17 AM)


ogit2
Novice

Oct 2, 2017, 9:50 AM

Post #2 of 2 (669 views)
Re: [ogit2] Secure FTP in Explicit mode - 2 [In reply to] Can't Post

I finally have success. Still a little work to do on our side but it works.

The code does the trick and hopefully will be useful to a lot of other people. The magic was to set the OverridePASV IP to the IP of the FTP site.


Code
my $ftps = Net::FTPSSL->new($ftp_site, Port => 21, Encryption => EXP_CRYPT, Croak => 1, Trace => 1, OverridePASV => "xxx.xxx.xxx.xxx", Debug => 2) or die "Can't open [SERVERNAME]\n$Net::FTPSSL::ERRSTR";


 
 


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives