COMMAND
MS Internet Explorer
SYSTEMS AFFECTED
IE5
PROBLEM
Glen R. J. Neff found following. The problems he observed are
with how IE5 handles passive FTP. They've been especially
apparent to him because his NT boxes at home are behind Linux IP
Masq., which requires passive mode for outgoing FTP, as does
firewall at work. In IE5, if you select an FTP link which points
directly to a file (ftp://ftp.acme.com/pub/subdir/file.zip) it
will switch to passive mode and pull the file just fine. But if
you attempt to hit a URL that specifies a directory on an FTP
server (ftp://ftp.acme.com/pub/), after a long pause, you'll get
an error dialogue like:
An error occurred opening that folder on the FTP Server.
Make sure you have permission to access that folder.
Detail:
200 Type Set to A.
200 PORT command successful.
425 Can't build data connection: Operation timed out.
Likewise, here's an example of the output from NT's command line
FTP client which has no support for passive mode:
D:\>ftp ftp.cdrom.com
Connected to wcarchive.cdrom.com.
220 wcarchive.cdrom.com FTP server (Version DG-3.1.27 Wed Dec 2 01:29:08 PST
1998) ready.
User (wcarchive.cdrom.com:(none)): anonymous
331 Guest login ok, send your email address as password.
Password:
230-Welcome to wcarchive - home FTP site for Walnut Creek CDROM.
<snip>
230 Guest login ok, access restrictions apply.
ftp> ls
200 PORT command successful.
425 Can't build data connection: Connection refused.
ftp>
And to really demonstrate my point, here's some sample output from
a UNIX based FTP client:
gneff@jedi-/home/gneff$ ftp ftp.cdrom.com
Connected to wcarchive.cdrom.com.
220 wcarchive.cdrom.com FTP server (Version DG-3.1.27 Wed Dec 2 01:29:08 PST
1998) ready.
Name (ftp.cdrom.com:gneff): anonymous
331 Guest login ok, send your email address as password.
Password:
230-Welcome to wcarchive - home FTP site for Walnut Creek CDROM.
<snip>
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful.
425 Can't build data connection: Connection refused.
ftp> passive
Passive mode on.
ftp> ls
227 Entering Passive Mode (209,155,82,18,32,226)
150 Opening ASCII mode data connection for 'file list'.
total 91760
-rw-rw-r-- 1 root wheel 696 Nov 19 1997 README
<snip>
drwxrwxr-x 2 root wheel 2048 May 6 21:26 pub
226 Transfer complete.
ftp>
SOLUTION
From knowledge base article Q195439:
Internet Explorer 5 has an improved FTP user interface when
direct access to an FTP server is available. This feature
allows file upload, drag-and-drop support, file deletion, and
the downloading of several directories. If you discover an
issue in the new FTP user interface that blocks FTP
functionality, the feature can be disabled by typing the
following:
regsvr32.exe /u msieftp.dll
in a command window while in the directory C:\Windows\System
(or C:\Winnt\System32 on Windows NT systems).
This will successfully fix passive ftp problems. There is a
workaround for bug in Microsoft FTP clients also. If you add
"insmod -s /lib/modules/2.0.36-0.7/ipv4/ip_masq_ftp.o" (or
wherever you have ip_masq_ftp.o) to your /etc/ppp/ip-up.local,
then active mode transfers will be supported. If your problem
with the Microsoft FTP clients is their insistence on attempting
to use active mode through a Linux box acting as a network address
translating router, then (and only then) you can work around the
problem by adding a line to insert the kernel module ip_masq_ftp.o
to whichever script you use to set up the translating routing
entries on your Linux box. (example above was specific not only to
specific kernel version, but also to specific configuration -
using the PPP post-connection script to set up routing and
translation). Additional information on Linux IP Masquerading can
be found at
http://ipmasq.cjb.net/