I got "ConnectionRefusedError" when I try to list an FTP server

Question

I have a simple script to connect into a FTP server:

from ftplib import FTP

# Here is fine
ftp = FTP(host='')
ftp.login(user='', passwd='')
ftp.cwd('/test/')

# Here I got the error
ftp.nlst()

The connection it is just fine, the error is happening every time that I try to use commands to list the FTP directory, such as nlst, dir or even retrlines('LIST'):

230 Login successful.
250 Directory successfully changed.
Traceback (most recent call last):
  File "scripts/test.py", line 6, in <module>
    print(a.nlst())
  File "/usr/lib/python3.5/ftplib.py", line 558, in nlst
    self.retrlines(cmd, files.append)
  File "/usr/lib/python3.5/ftplib.py", line 467, in retrlines
    with self.transfercmd(cmd) as conn, \
  File "/usr/lib/python3.5/ftplib.py", line 398, in transfercmd
    return self.ntransfercmd(cmd, rest)[0]
  File "/usr/lib/python3.5/ftplib.py", line 360, in ntransfercmd
    source_address=self.source_address)
  File "/usr/lib/python3.5/socket.py", line 712, in create_connection
    raise err
  File "/usr/lib/python3.5/socket.py", line 703, in create_connection
    sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

I already tested the connection with FileZilla and it is working fine, this error just happens when I try to list the directory with python. If I try to retrieve files or create directories through python it will work, only the "list" commands that gives the problem.

Environment: I'm using debian 9 with python3.5

I already reinstalled both pythons (2 and 3) in my machine but didn't worked. Also, I tested the same script in a Linux Mint that I have and it is working fine. Could someone know what this could be? Thanks.

[EDIT]

This is the FileZilla log (debug mode) when I connect to the same FTP server:

Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpLogonOpData::Send() in state 0
Status: Connecting to XX.XXX.XXX.XXX:21...
Status: Connection established, waiting for welcome message...
Trace:  CFtpControlSocket::OnReceive()
Response:   220 (vsFTPd 3.0.3)
Trace:  CFtpLogonOpData::ParseResponse() in state 1
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpLogonOpData::Send() in state 2
Command:    AUTH TLS
Trace:  CFtpControlSocket::OnReceive()
Response:   530 Please login with USER and PASS.
Trace:  CFtpLogonOpData::ParseResponse() in state 2
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpLogonOpData::Send() in state 3
Command:    AUTH SSL
Trace:  CFtpControlSocket::OnReceive()
Response:   530 Please login with USER and PASS.
Trace:  CFtpLogonOpData::ParseResponse() in state 3
Status: Insecure server, it does not support FTP over TLS.
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpLogonOpData::Send() in state 5
Command:    USER xxxxxx
Trace:  CFtpControlSocket::OnReceive()
Response:   331 Please specify the password.
Trace:  CFtpLogonOpData::ParseResponse() in state 5
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpLogonOpData::Send() in state 5
Command:    PASS ************
Trace:  CFtpControlSocket::OnReceive()
Response:   230 Login successful.
Trace:  CFtpLogonOpData::ParseResponse() in state 5
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpLogonOpData::Send() in state 6
Command:    SYST
Trace:  CFtpControlSocket::OnReceive()
Response:   215 UNIX Type: L8
Trace:  CFtpLogonOpData::ParseResponse() in state 6
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpLogonOpData::Send() in state 7
Command:    FEAT
Trace:  CFtpControlSocket::OnReceive()
Response:   211-Features:
Response:    EPRT
Response:    EPSV
Response:    MDTM
Response:    PASV
Response:    REST STREAM
Response:    SIZE
Response:    TVFS
Response:   211 End
Trace:  CFtpLogonOpData::ParseResponse() in state 7
Status: Server does not support non-ASCII characters.
Status: Logged in
Trace:  Measured latency of 40 ms
Trace:  CFtpControlSocket::ResetOperation(0)
Trace:  CControlSocket::ResetOperation(0)
Trace:  CFileZillaEnginePrivate::ResetOperation(0)
Status: Retrieving directory listing...
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpListOpData::ListSend() in state 0
Trace:  CFtpChangeDirOpData::Send() in state 0
Trace:  CFtpChangeDirOpData::Send() in state 1
Command:    PWD
Trace:  CFtpControlSocket::OnReceive()
Response:   257 "/" is the current directory
Trace:  CFtpChangeDirOpData::ParseResponse() in state 1
Trace:  CFtpControlSocket::ResetOperation(0)
Trace:  CControlSocket::ResetOperation(0)
Trace:  CControlSocket::ParseSubcommandResult(0)
Trace:  CFtpListOpData::SubcommandResult() in state 1
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpListOpData::ListSend() in state 2
Trace:  CFtpRawTransferOpData::Send() in state 1
Command:    TYPE I
Trace:  CFtpControlSocket::OnReceive()
Response:   200 Switching to Binary mode.
Trace:  CFtpRawTransferOpData::ParseResponse() in state 1
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpRawTransferOpData::Send() in state 2
Command:    PASV
Trace:  CFtpControlSocket::OnReceive()
Response:   227 Entering Passive Mode (0,0,0,0,195,59).
Trace:  CFtpRawTransferOpData::ParseResponse() in state 2
Status: Server sent passive reply with unroutable address. Using server address instead.
Trace:    Reply: 0.0.0.0, peer: XX.XXX.XXX.XXX
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpRawTransferOpData::Send() in state 4
Trace:  Binding data connection source IP to control connection source IP XX.XXX.XXX.XXX
Command:    LIST
Trace:  CTransferSocket::OnConnect
Trace:  CFtpControlSocket::OnReceive()
Response:   150 Here comes the directory listing.
Trace:  CFtpRawTransferOpData::ParseResponse() in state 4
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpRawTransferOpData::Send() in state 5
Trace:  CTransferSocket::OnReceive(), m_transferMode=0
Trace:  CTransferSocket::TransferEnd(1)
Trace:  CFtpControlSocket::TransferEnd()
Trace:  CFtpControlSocket::OnReceive()
Response:   226 Directory send OK.
Trace:  CFtpRawTransferOpData::ParseResponse() in state 7
Trace:  CFtpControlSocket::ResetOperation(0)
Trace:  CControlSocket::ResetOperation(0)
Trace:  CControlSocket::ParseSubcommandResult(0)
Trace:  CFtpListOpData::SubcommandResult() in state 3
Trace:  CFtpControlSocket::ResetOperation(0)
Trace:  CControlSocket::ResetOperation(0)
Status: Directory listing of "/" successful
Trace:  CFileZillaEnginePrivate::ResetOperation(0)
Status: Retrieving directory listing of "/test"...
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpListOpData::ListSend() in state 0
Trace:  CFtpChangeDirOpData::Send() in state 0
Trace:  CFtpChangeDirOpData::Send() in state 4
Command:    CWD files
Trace:  CFtpControlSocket::OnReceive()
Response:   250 Directory successfully changed.
Trace:  CFtpChangeDirOpData::ParseResponse() in state 4
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpChangeDirOpData::Send() in state 5
Command:    PWD
Trace:  CFtpControlSocket::OnReceive()
Response:   257 "/test" is the current directory
Trace:  CFtpChangeDirOpData::ParseResponse() in state 5
Trace:  CFtpControlSocket::ResetOperation(0)
Trace:  CControlSocket::ResetOperation(0)
Trace:  CControlSocket::ParseSubcommandResult(0)
Trace:  CFtpListOpData::SubcommandResult() in state 1
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpListOpData::ListSend() in state 2
Trace:  CFtpRawTransferOpData::Send() in state 2
Command:    PASV
Trace:  CFtpControlSocket::OnReceive()
Response:   227 Entering Passive Mode (0,0,0,0,167,55).
Trace:  CFtpRawTransferOpData::ParseResponse() in state 2
Status: Server sent passive reply with unroutable address. Using server address instead.
Trace:    Reply: 0.0.0.0, peer: XX.XXX.XXX.XXX
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpRawTransferOpData::Send() in state 4
Trace:  Binding data connection source IP to control connection source IP XX.XXX.XXX.XXX
Command:    LIST
Trace:  CTransferSocket::OnConnect
Trace:  CFtpControlSocket::OnReceive()
Response:   150 Here comes the directory listing.
Trace:  CFtpRawTransferOpData::ParseResponse() in state 4
Trace:  CControlSocket::SendNextCommand()
Trace:  CFtpRawTransferOpData::Send() in state 5
Trace:  CTransferSocket::OnClose(0)
Trace:  CTransferSocket::TransferEnd(1)
Trace:  CFtpControlSocket::TransferEnd()
Trace:  CFtpControlSocket::OnReceive()
Response:   226 Directory send OK.
Trace:  CFtpRawTransferOpData::ParseResponse() in state 7
Trace:  CFtpControlSocket::ResetOperation(0)
Trace:  CControlSocket::ResetOperation(0)
Trace:  CControlSocket::ParseSubcommandResult(0)
Trace:  CFtpListOpData::SubcommandResult() in state 3
Trace:  CFtpControlSocket::ResetOperation(0)
Trace:  CControlSocket::ResetOperation(0)
Status: Directory listing of "/test" successful
Trace:  CFileZillaEnginePrivate::ResetOperation(0)

Just reminding that the code is working fine in another machines, the problem is happening only in Debian when I try to list any directory in the FTP.

Thanks!

Answer 1

Command:    PASV  
Response:   227 Entering Passive Mode (0,0,0,0,195,59).  
Status: Server sent passive reply with unroutable address. Using server address instead.

Your FTP server is misconfigured. Or rather suffers from a vsftpd bug described in vsftpd returns 0,0,0,0 in response to PASV.

While FileZilla can heuristically workaround that, many other FTP clients and libraries will (rightfully) fail.

I cannot imagine how your code can work on "other machines". Unless a firewall/NAT between their and the FTP server networks fix the 227 response (unlikely). If you want to investigate that further (probably not worth it), we need log files of FTP sessions of your program (e.g. using Wireshark of server-side logs).