0

I have an Android application which needs to do some FTP tasks at particular points of the operation:

  • Upload a list of files from phone folder to FTP host
  • Get list of files in FTP host folder
  • Download selected files from FTP to phone, erasing a file from FTP host after download

It is coded and working nicely under FTP, but when I go to FTPS (SSL/TLS), it all goes wrong, with the above message.

Download:

2020-08-20 20:45:45.556 17674-18751/com.centralock.android.app.centralock I/System.out: PORT 10,1,10,46,165,169

2020-08-20 20:45:45.716 17674-18751/com.centralock.android.app.centralock I/System.out: 200 PORT command successful

2020-08-20 20:45:45.732 17674-18751/com.centralock.android.app.centralock I/System.out: STOR Folder1/Folder2/File1.txt

2020-08-20 20:47:53.207 17674-18751/com.centralock.android.app.centralock I/System.out: 425 Unable to build data connection: Connection timed out

The attempt to list files does the same thing.

I found some code I thought might help: SSLSessionReuseFTPSClient / prepareDataSocket, but I don't think I installed it properly: I just included the code in my FTP management class file.

Dima Kozhevin

2 Answers

0

... I/System.out: PORT 10,1,10,46,165,169

The PORT command indicates that you are using active mode in FTP. In active mode the server creates a connection to the client to transfer the data. This mode is known to cause massive problems if there is a firewall in the way or some NAT or Carrier Grade NAT done, i.e. typical access from home network to the internet or from mobile networks.

The infrastructure (firewall, NAT) might try to add the necessary firewall and translation rules for the connection from server to client, but for this, visibility into the PORT commands is needed. With FTPS the control connection is encrypted, though, and thus visibility is not possible. That's why it fails with FTPS but not with FTP.

The best way is to not use FTP and FTPS in the first place, since these protocols are known to cause trouble. Use HTTP or SFTP (file transfer over SSH) instead if the server supports this. If this is not possible, use FTP in passive mode, where the client will create connections to the server and not the other way. Using enterLocalPassiveMode seems to be the way to do this, see also Apache Commons Net FTPClient and listFiles().

Steffen Ullrich
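
Added example (not code from the question or from either answer): the three tasks from the question over explicit FTPS in passive mode with Apache Commons Net, so the client sends PASV instead of PORT and opens the data connection itself. The host name, credentials and local file names are placeholders; the remote path is the one from the log above.

```java
import org.apache.commons.net.ftp.FTP;
import org.apache.commons.net.ftp.FTPFile;
import org.apache.commons.net.ftp.FTPReply;
import org.apache.commons.net.ftp.FTPSClient;
import java.io.*;

public class PassiveFtpsExample {
    // Placeholder host, credentials and local paths, chosen for illustration.
    public static void main(String[] args) throws IOException {
        FTPSClient ftps = new FTPSClient(false);   // false = explicit FTPS (AUTH TLS)
        try {
            ftps.connect("ftp.example.com", 21);
            if (!FTPReply.isPositiveCompletion(ftps.getReplyCode())) {
                throw new IOException("Connect refused: " + ftps.getReplyString());
            }
            if (!ftps.login("USER", "PASSWORD")) {
                throw new IOException("Login failed: " + ftps.getReplyString());
            }
            ftps.execPBSZ(0);      // must precede PROT
            ftps.execPROT("P");    // protect (encrypt) the data channel as well
            // Must come after connect(): connecting resets the client to
            // active mode, which is what produced the PORT command in the log.
            ftps.enterLocalPassiveMode();
            ftps.setFileType(FTP.BINARY_FILE_TYPE);

            // Upload
            try (InputStream in = new FileInputStream("File1.txt")) {
                if (!ftps.storeFile("Folder1/Folder2/File1.txt", in)) {
                    throw new IOException("STOR failed: " + ftps.getReplyString());
                }
            }
            // List
            for (FTPFile f : ftps.listFiles("Folder1/Folder2")) {
                System.out.println(f.getName() + " " + f.getSize());
            }
            // Download, then delete from the host only if the download succeeded
            boolean downloaded;
            try (OutputStream out = new FileOutputStream("File1.copy.txt")) {
                downloaded = ftps.retrieveFile("Folder1/Folder2/File1.txt", out);
            }
            if (downloaded) {
                ftps.deleteFile("Folder1/Folder2/File1.txt");
            }
            ftps.logout();
        } finally {
            if (ftps.isConnected()) {
                ftps.disconnect();
            }
        }
    }
}
```

With this in place the control-channel log should show PASV (or EPSV) followed by a 227/229 reply rather than a PORT line carrying the phone's private address.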
0

We were playing with active vs. passive. You are right, passive was correct.

As it turns out, the day after posting this, our NAS manufacturer issued a code update, and everything just started working. So feel free to ignore this request for help!