On Mon, Jul 12, 2004 at 07:31:56PM +0100, Ian Pratt wrote:
> I always forget which end the passive is with respect to: If I
> use the passive-ftp directive, does it work if I'm behind a dumb
> NAT box or outgoing-connections-only firewall? (i.e. I need to
> initiate both connections)
>
> I guess that's the most common case for most users.
Normally the ftp client makes outgoing connection on command port 21, then
the server calls it back from port 20 to send it the file. Passive mode
makes the server wait on port 20 for the client instead, which makes it much
more useful for such dumb NAT boxes.
Of course:
- there aren't many NAT boxes remaining that are *that* dumb. ftp NAT is
pretty much standard nowadays.
- http is an all-around better protocol for (literally!) everything, so if
you're just downloading stuff, use http instead. It uses only one port,
doesn't need a passive mode at all, can pipeline requests to reduce
latency, and most http servers are non-forking so they can handle a
higher load.
Have fun,
Avery
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
|