Firewall problems / bugs

XP Pro SP3, AIS 5.0.545

I’m using Filezilla FTP, when I try to log on to my domain (remote host / Windows server) I can log in, but I get the message from Filezilla:

Error: Failed to retrieve directory listing (see attached screenshot)

  • which means I can’t see any of the files and folders on the domain, only the root folder is accessible.

If I shut down the firewall, everything works allright. Have also tried WS_FTP and FTP in Directory Opus, same problem with these.

I don’t know if this is normal and if I have to configure something to make it work? Or if it’s a bug? I have some domains on a Linux server also, but there’s no problem with these in this respect. So whether it’s a general problem with Windows servers or just this particular server I don’t know. In any case I’d like to know how to fix it so I don’t have to shut down the Firewall each time I FTP to this domain.

There is however another bug in the Firewall as far as I can see: if you click the Stop button, it says “Service Stopped”, but actually it isn’t stopped - at least I still get the above error in Filezilla. I have to click the Stop button twice before the error goes away. And if I click Start hereafter, Filezilla continues to work normally until I shut Filezilla down and restart it - I’d expect that the Firewall would block the program immediately whether it’s already open or not.

Also, if you click the Start button after the Firewall has been stopped, the “Service Stopped” message remains, despite the Firewall is started. You have to click the Start button one more time before it says “Running”.

Rado

Yes, I’ve noticed that minor interface bug with the firewall needing to be started twice to show as running.

CORRECTION:

The problems with the buttons I’ve decribed appears to happen only when you choose “Stop Permamently”, it doesn’t seem to affect the other options.

The FTP problem is however the same whatever option you choose.

Rado

Info needed:

  • FTP transfer type - ACTIVE / PASSIVE (from the log it seems you are using active mode - PORT command used and no PASV command)
  • the avast firewall rule for Filezilla
  • is the builtin windows firewall running? (and if it is, is there any rule for Filezilla)

But let me just guess what’s breaking it for you - you have Filezilla set to use active mode and don’t have inbound connections allowed in firewall rules. Change either of these and it should work.

@ warlock

Most users choose to identify their country ???

Go to PROFILE then Modify Profile then Forum Profile Information then select your country in Please select your country: then update your Signature: with information like my signature as this helps the helpers offer pertinent advice.

Sorry for the offtopic, but:
@YoKenny

What does it even have to do with this? I’m not the one reporting a problem here. You know, seeing you post this “Put your specs in your signature” in every single thread on this forum is gradually starting to piss me off. Man, how I would love to have here the “Ignore posts from this user” feature that is available on some other forums.

Thanks for your reply.

Yes, Filezilla is/has to be set to active transfer for that server.

Actually Windows Firewall was running also, thought I had deactivated it long ago. It had a rule for Filezilla. After deactivating Windows Firewall, no problems with Filezilla anymore when AIS Firewall is turned on. Do I really need Windows Firewall anyway, when I’m using the AIS Firewall? Sounds like a bad idea also to have two firewalls running at the same time.

As for the AIS Firewall, Filezilla is set to allow all connections, out and in. Is that recommendable?

Rado

yep, feature is definitely missing on SMF, as opposed to VBulletin. Would be badly needed indeed with forum “unofficial” advisers and spammers :wink:

You shouldn’t need it, unless you use some of the other features provided by the same service that is running the firewall, ie. connection sharing. The avast developers said that running Windows firewall alongside AIS shouldn’t cause any conflicts, but as you can see, it can still be problematic.

Yes, that’s fine. For active FTP connections you have to be accessible from outside as it is the server that initiates the transfer then. You could make it a bit more tight by setting a fixed listening data port (in Filezilla) and create a packet rule (in AIS) allowing incoming connections only to this port, but that’s too much of a hassle for a normal user and not that beneficial.