This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] in the makefile for wget ftp:// etc.

To: Ian Pratt <Ian.Pratt@xxxxxxxxxxxx>
Subject: Re: [Xen-devel] in the makefile for wget ftp:// etc.
From: Avery Pennarun <apenwarr@xxxxxx>
Date: Mon, 12 Jul 2004 15:11:53 -0400
Cc: ron minnich <rminnich@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 12 Jul 2004 20:15:22 +0100
Envelope-to: steven.hand@xxxxxxxxxxxx
In-reply-to: <E1Bk5am-0000lI-00@xxxxxxxxxxxxxxxxx>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
References: <Pine.LNX.4.44.0407121127190.28940-100000@xxxxxxxxxxxxxxxxx> <E1Bk5am-0000lI-00@xxxxxxxxxxxxxxxxx>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.3.28i
On Mon, Jul 12, 2004 at 07:31:56PM +0100, Ian Pratt wrote:

> I always forget which end the passive is with respect to: If I
> use the passive-ftp directive, does it work if I'm behind a dumb
> NAT box or outgoing-connections-only firewall?  (i.e. I need to
> initiate both connections)
> I guess that's the most common case for most users.

Normally the ftp client makes outgoing connection on command port 21, then
the server calls it back from port 20 to send it the file.  Passive mode
makes the server wait on port 20 for the client instead, which makes it much
more useful for such dumb NAT boxes.

Of course:

 - there aren't many NAT boxes remaining that are *that* dumb.  ftp NAT is
   pretty much standard nowadays.
 - http is an all-around better protocol for (literally!) everything, so if
   you're just downloading stuff, use http instead.  It uses only one port,
   doesn't need a passive mode at all, can pipeline requests to reduce
   latency, and most http servers are non-forking so they can handle a
   higher load.
Have fun,


This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
Xen-devel mailing list