Community

tiresias · ‎04-12-2024

I have a new Smarty sim to replace my Three sim. The Three sim is still in its notice period, so I can do easy comparisons for the next couple of weeks.

All seems OK with Smarty so far, except for 1 thing which is driving me NUTS.

I update the pages on my web site via FTP (TLS) and it has worked flawlessly with the Three sim for many years.

But now using Smarty, my usual FTP program Filezilla (and WinSCP) keeps failing to list the files on my web server, and when I try to upload new files (e.g. new HTML files) I usually get error messages, and often the uploaded HTML file ends up being zero-length which is disasterous for a web page. Here are the error messages produced by Filezilla:

Command: PWD
Response: 257 "/public_html/cgi-bin" is your current location
Command: PASV
Response: 227 Entering Passive Mode (82,71,205,12,123,47)
Command: MLSD
Error: GnuTLS error -110: The TLS connection was non-properly terminated.
Status: Server did not properly shut down TLS connection
Error: Transfer connection interrupted: ECONNABORTED - Connection aborted
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server
Status: Resolving address of www.mysite.co.uk
Status: Connecting to 82.71.205.12:21...

also...

Command: STOR download.htm
Error: GnuTLS error -110: The TLS connection was non-properly terminated.
Status: Server did not properly shut down TLS connection
Error: Connection timed out after 20 seconds of inactivity
Error: File transfer failed
Status: Disconnected from server

I have switched back to using the Three SIM for now which still works fine and does not produce any errors, so the problem is obviously being caused by Smarty.

A web search can't find anything definite, but it MIGHT be being caused by something monitoring the secure TLS traffic and messimg up the packets. So maybe Smarty are doing something to the packets on their servers that is breaking secure FTP. It's pretty much unusable at present. :(((

Has anyone else enountered this and knows what the remedy is?

SmartyTrousers · ‎04-12-2024

I don't know all the ins and outs of passive mode FTP, but I suspect the issues are somehow being caused by the fact that Smarty uses CG-NAT (Carrier Grade Network Address Translation), meaning you share an external IP address with numerous other users, and it's not possible to make a connection from the internet into your connection.

Three are in fact the only UK mobile network which don't use CG-NAT (and even then, only when you use the 3internet APN. Note that if you set your APN on Smarty to 3internet, you may get internet connectivity but it will still be CG-NAT-ed).

My suggestions would be to try FTP in active mode instead of passive, or try transferring the files via SFTP instead if you can.

tiresias · ‎04-12-2024

Thanks for the reply. I tried active and passive settings - no difference.

Changing to unencrypted/insecure FTP is definately not acceptable as all the traffic including the login password is sent in plain text.

I don't think it's to do with IP address translation.

The errors are intermittent. You may have 2 or 3 directory listings suceeding, then suddenly 1 or 2 fail with the errors mentioned above. If it was a problem with address translation I would expect it to always fail, but the fact that it succeeds maybe 50% of the time suggests something more buggy.

I initially contacted Zen (my web host company) and they said the problem "was at the TLS/SSL layer".

Looks like I'll have to contact Smarty. Really disappointed, as everthing else has gone so smoothly. If it isn't fixed I'll probably have to leave. 😞

SmartyTrousers · ‎04-12-2024

Are you under the impression that SFTP (which I suggested) is insecure? It isn't - it transfers files over SSH.

Community

FTP is broken