I need to write an application which connects to a FTP server. This FTP server does not allows passive mode connections. I can connect to the FTP server using Filezilla.
I have developed a C# WCF service which connects to this FTP server, using FTPWebRequest class.
Here are the basic settings of the FTPWebRequest object:
ftpreq.Proxy = null;
ftpreq.KeepAlive = true;
ftpreq.UsePassive = false;
When I run the WCF service from Visual Studio(Ctrl+F5) it connects to the FTP server and downloads required files without any issues
But when I host the service in my local IIS 7.5, it fails to connect to the FTP server with following error:
The remote server returned an error: (425) Can't open data connection.
After some googling on this problem, I tried playing around the firewall settings, but it was of no use. Not sure if it is related to some IIS security issue or something else.
Any help would be highly appreciated
This is my way:
Start\ Control Panel\ Windows Firewall\ Allowed Programs.
Here! Tick check box at your application to allow it through Windows FireWall.
Remember! Tick checkbox "Home/Work (private)" as well as checkbox "Public".
good luck!
here is complex solution
step 1
single ftp (non ftps) using two network channels (port and port ranges).
One (tcp:21) for auth, and second, used as data-channel for data.
When configuring ftp on iis, open 21 port for auth and control channel, then in iis control-panel on "FTP Firewall support" specify port range for data (5000-6000) and external ip of network interface married with ftp-server.
step 2
Finally, open tcp:21 in windows firewall and create custon rule, allowing connection on tcp:5000-6000. Restart system (or just restart services).
thats all.
ps. just remember, that ftp on iis using tcp:21 for control/auth and tcp:5000-6000 for data. tcp:5000-6000 may be changes in iis manager 1st, and opened in windows firewall second.
I commented this settings:
UseBinary, Proxy, KeepAlive, UsePassive
and now works good:
FtpWebRequest reqFTP;
reqFTP = (FtpWebRequest)WebRequest.Create(new Uri(ftpLocation + remoteDir));
//reqFTP.UseBinary = true;
reqFTP.Credentials = new NetworkCredential(ftpUser, ftpPassword);
reqFTP.Method = WebRequestMethods.Ftp.ListDirectory;
//reqFTP.Proxy = null;
//reqFTP.KeepAlive = false;
//reqFTP.UsePassive = false;
response = reqFTP.GetResponse();
reader = new StreamReader(response.GetResponseStream());
string line = reader.ReadLine();
This code is from microsoft forum: https://social.msdn.microsoft.com/Forums/en-US/079fb811-3c55-4959-85c4-677e4b20bea3/downloading-all-files-in-directory-ftp-and-c?forum=ncl
Same issue happened to me. So I did the following and it fixed it:
- I rebooted the whole FTP server
- After reboot, I launched Internet Information Services (IIS) 6.0 Manager. The Default FTP Site was stopped. I started it. And that fixed it!
Related
I am using Ratchet WebSocket in a Windows-based server project that is entirely working in an insecure environment. That is to say that when I navigate my browser to http://www.example.com and connect to the websocket server using ws:// on port 8686 everything works spectacularly.
The server doesn't run through IIS - but instead is executed via php.exe in command prompt like this.
php wsocket-server.php [...parameters...]
However, if run the Ratchet Server and try to connect from https://www.example.com using wss:// the browser simply will not connect to the websocket server, despite the fact that the server starts up fine and the insecure site and connect via ws://
Now, I realize I need to utilize some additional code to include my SSL documentation. This is the relevant code I have in place:
use Ratchet\Server\IoServer;
use Ratchet\Http\HttpServer;
use Ratchet\WebSocket\WsServer;
$websocket_server = new WsServer();
if ($site_secure){
//RUN WSS (SECURE) SERVER
$options = [
'local_cert' => 'c:\inetpub\ssl\2c6fa1928847451c.crt',
'local_pk' => 'c:\inetpub\ssl\2c6fa1928847451c.key',
'allow_self_signed' => true,
'verify_peer' => false
];
$loop = React\EventLoop\Factory::create();
$websocket_server->enableKeepAlive($loop);
$app = new HttpServer($websocket_server);
$insecure_websockets = new \React\Socket\Server('0.0.0.0:'.$port, $loop);
$secure_websockets = new \React\Socket\SecureServer($insecure_websockets , $loop, $options);
$secure_websockets_server = new \Ratchet\Server\IoServer($app, $secure_websockets, $loop);
$secure_websockets_server->run();
}else{
//RUN WS (INSECURE) SERVER
$http_server = new HttpServer($websocket_server);
$server = IoServer::factory($http_server, $port);
$websocket->log ("Initializing ".(($site_secure) ? "Secure " : "Insecure ")."Server ($port)");
$server->run();
}
What I have tried
I have ensured the correct ports are all open in the windows firewall.
I have ensured nothing else is listening on the port using netstat
I have tried using nginx, on a minimal level. I'd prefer to NOT use this method if possible, and was having some initial problems with it starting up so I did not dedicate 100% to it at this time. Ideally, I'd like to use Ratchet's native abilities.
I have searched other similar posts both here and elsewhere, such as this.
I have tried a number of different ports, even the same 8686 as I use in the insecure connection
I am hoping someone can lend me an assist with an issue that has been driving me crazy for 2 weeks. At this point I feel like I'm just trying things to try them and I may be coding myself in circles.
Thank you in advance.
A browser is never going to connect to anything running on port 465. Especially not a WebSocket.
Establishing a WebSocket connection is specified in terms of the Fetch standard. As such, the specific exclusion of this port is found within the latter:
A port is a bad port if it is listed in the first column of the following table.
Port
Typical service
…
…
465
submission
…
…
Now, why are some ports blacklisted? This is a protection against cross-protocol scripting attacks, as once demonstrated (warning: NSFW links) against Firefox and against Safari. Port 465 has been (and still sometimes is) used for SMTP over (pure) TLS, so in this case, an XPS attack might trick a browser into sending mail on the user’s behalf. Blocking those ports is meant to prevent it. Of course, all bets are off when a service runs on a non-standard port.
To make the service available in a browser, all you need to do is change the port number.
I am prototyping a message queue solution developed using CodeIgniter. The code is hosted on a GoDaddy basic shared hosting plan and connects to a trial instance of RabbitMQ on CloudAMQP. I use the videlalvaro/php-amqplib library.
The solution worked fine for a few days and yesterday I started getting a connection refused error. No changes to the code, in fact the same code running on my local machine works fine and connects to CloudAMQP.
This leads me to believe that the problem could be with GoDaddy hosting. Have spent about 48 hours trying to work around this and my project is now stalled.
Does anyone have any ideas? My only option now is to move to a different hosting service and try but that's a major step and I wanted to be sure I'm not missing something small.
The relevant part of the code below:
$url = parse_url("amqp://yyyyyyyy:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx#moose.rmq.cloudamqp.com/yyyyyyyy");
//Masking the user name and password for here
$conn = new AMQPStreamConnection(
$url['host'], //host - CloudAMQP_URL
5672, //port - port number of the service, 5672 is the default
$url['user'], //user - username to connect to server
$url['pass'], //password - password to connect to the server
substr($url['path'], 1) //vhost
);
For those who may face a similar problem, this could have been because of hosting on GoDaddy (could apply to any hosting service) where presumably access to post 5672 is not allowed. I moved to AWS and everything is working fine.
This question can be closed (not sure how that happens).
Thank you zaq178miami, your inputs helped.
I'm searching for a way to get my Files synchronized (task) from a web server (Ubuntu 14) to a local server (Windows Server). The web server creates small files, which the local Server needs. The web server is in a DMZ, accessible through SSH. Only the local server is able to access folders on web server. It tried using Programs like WinSCP, but I'm not able to set a "get"-Job.
Is there a way to do this with SSH on Windows server without login every few seconds? Or is there a better solution? In the Future Web-Services are possible, but at the moment I need a quick solution.
Either you need to schedule a regular frequent job, that connects and downloads changes.
Or you need to have continuously running process, that keeps the connection opened and regularly watches for changes.
There's hardly a better solution (that's still quick and easy to implement).
Example of continuous process implemented using WinSCP .NET assembly:
// Setup session options
SessionOptions sessionOptions = new SessionOptions {
Protocol = Protocol.Sftp,
HostName = "example.com",
UserName = "user",
Password = "mypassword",
SshHostKeyFingerprint = "ssh-rsa 2048 xxxxxxxxxxx...="
};
using (Session session = new Session())
{
// Connect
session.Open(sessionOptions);
while (true)
{
// Download changes
session.SynchronizeDirectories(
SynchronizationMode.Local, localPath, remotePath, false).Check();
// Wait 10 seconds
Thread.Sleep(10000);
}
}
You will need to add a better error handling and reconnect, if connection breaks.
If you do not want to implement this as (C#) application, you can use PowerShell script. For a complete solution, see
Keep local directory up to date (download changed files from remote SFTP/FTP server).
I'm doing my dev work on a Window 7 x64 machine, deploying to a Windows 2008 x32 server. At the moment I'm adding WCF services to some internal apps so that we can build smaller clients using net.tcp bindings that report to the user what the server is doing without running multiple instances of the server. To cut back on how much administration the apps will require, I tried enabling port sharing on my first server app. I'm using the app to self-host the WCF service so they can be easily moved from one server to another if necessary. Here's the code starting the server:
Dim _service_host As ServiceHost
Dim active_server_address As Uri = New UriBuilder("net.tcp", "localhost", CInt(My.Settings.ServerPort)).Uri
_service_host = New ServiceHost(GetType(UpdateServiceOps), active_server_address)
_service_host.AddServiceEndpoint(GetType(IUpdateService), New NetTcpBinding With {.Name = "endpoint_tcp"}, "MiddlewareEndpoint")
_service_host.Description.Behaviors.Add(New ServiceMetadataBehavior)
_service_host.AddServiceEndpoint(GetType(IMetadataExchange), MetadataExchangeBindings.CreateMexTcpBinding, "mex")
_service_host.Open()
That works great. When I change it to what's below, however, I get an error. Here's the code:
Dim _service_host As ServiceHost
Dim active_server_address As Uri = New UriBuilder("net.tcp", "localhost", CInt(My.Settings.ServerPort)).Uri
_service_host = New ServiceHost(GetType(UpdateServiceOps), active_server_address)
_service_host.AddServiceEndpoint(GetType(IUpdateService), New NetTcpBinding With {.Name = "endpoint_tcp", .PortSharingEnabled = True}, "MiddlewareEndpoint")
_service_host.Description.Behaviors.Add(New ServiceMetadataBehavior)
_service_host.AddServiceEndpoint(GetType(IMetadataExchange), MetadataExchangeBindings.CreateMexTcpBinding, "mex")
_service_host.Open()
I get the following error when I put a breakpoint at the last line: Unable to automatically step into the server. Connecting to the server machine 'nettcpportsharing' failed. The requested name is valid, but no data of the requested type was found. The Try...Catch block housing that code says the exception type is AddressAlreadyInUseException...but when I run netstat I don't see anything else listening on that address. There's no occurrence of 'nettcpportsharing' anywhere in my solution. I've checked to make sure that the Net.Tcp Port Sharing service is started. Any ideas?
I think this may be a permissions issue. Please see the associated article which explains how to configure the port sharing service to support self-hosted services.
(For production purposes I would strongly recommend using IIS Hosting with WAS anyway - it makes management of the services much cleaner and you get dynamic startup/shutdown for free.)
I've got a rather confusing problem.
Web Service A - Called directly by Win32 App, and various other web applications
Web Service B - Called directly by same Win32 App and a different set of other Web Applications
I'm working on adding a reference to B into A, so that we can use the functionality B provides without rewriting/reintegrating that code manually into A. I have a develop copy of A on my PC that I'm working with, and am calling a test copy of B on a remote server (the test server is accessed over the internet at our hosting provider)
I believe to have my code ready for testing, but every time I go to test it on my local copy, I get the following error.
No connection could be made because the target machine actively refused it 10.1.X.XX:8080
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception)
The internal IP listed in the error message was our old BorderManager gateway. It is no longer in use, I've checked all Machine.Configs, Web.Configs, registry entries, even gone so far as doing a full text search of all files on my PC under 2MB for the IP listed there. I double checked the Internet Options Connections settings, but that is managed by a group policy company wide. I've called in a networking guy to verify that the IP is not listed anywhere in the currently applied policy.
I can't find it anywhere except when trying to step over the code that uses it, and getting the exception shown above.
The code I have for using Web Service B is:
Dim oZip As New ZipTerr.ZIPTerr
oZip.Url = "https://test.test.com/ZIPTerr/ZIPTerr.asmx" ' This really shouldn't be hardcoded...
oZip.PreAuthenticate = True
oZip.Credentials = New System.Net.NetworkCredential("username", "password")
aCity = oZip.GetCities(pstrZip, Date.Now())
It fails on the call to oZip.GetCities() with the above error. The IP in the error message does not in any way indicate it's made it out of our local network, it's a 10.* private IP, whereas the test server has a valid live publicly accessible IP.
Any ideas??
Update:
Both web services are in .NET 2.0
The underlying System.Net libraries will not be using the Internet Settings values in this case since the code is running as a service.
MS are a little sketchy on the details of how its proxy settings are derived in the absence of specific settings in the .config files.
Here are some things to try:-
One command line use:-
ProxyCfg -d
This would remove any proxy settings used by the WinHTTP component (which was designed to be used in just such a server setting by code prior to the advent of .NET).
ProxyCfg -u
Copies the current users Internet proxy settings to the system-wide setting used by WinHTTP.
Better yet configure the proxy settings yourself in the web.config of the calling application:-
<system.net>
<defaultProxy enabled="true">
<!-- if above set to true configure below accordingly if false delete below-->
<proxy proxyaddress="http://127.0.0.1:8888" bypassonlocal="False"/>
</defaultProxy>
</system.net>
Best Guess:
Either the error is coming from code that is not on your machine. Is Web service A and B running on your machine?
Or it is hard coded in a dll where the source for the dll is not on your machine.
Hope this helps
Shiraz