FTP doesn't work when LS is active

General discussions about Little Snitch
Post Reply
Posts: 2
Joined: Wed Feb 06, 2008 10:32 pm

FTP doesn't work when LS is active

Post by davidww1 » Wed Feb 06, 2008 10:47 pm

With Little Snitch 2.0.2 set to filter network activity, ftp connections are not available, either with Cyberduck or Dreamweaver. As a test, I've turned off LS, connected, then turned it on once a connection was established. The connection is immediately broken.

I have established rules that specifically allow these apps to communicate with my ftp addresses via port 21, but this doesn't help.

What else should I be doing?

Thank you.

Rank 4
Rank 4
Posts: 285
Joined: Fri Jun 29, 2007 5:54 pm
Location: Germany, Bavaria

Post by ludwigschubert » Thu Feb 07, 2008 12:24 am

Hi davidww1,
I think you did everything correct.

What I would recommend is that you log on your Guest-Account and try starting your ftp apps from there. The Guest-Account will give you fresh rules to see whether it's really LittleSnitch who's giving you trouble.

If it doesn't work and doesn't ask on the Guest-Account I'd consider it a bug.

Tell us how it went!

Posts: 2
Joined: Wed Feb 06, 2008 10:32 pm

Post by davidww1 » Thu Feb 07, 2008 7:04 pm

Greetings, Ludwig,

First, I didn't mention that this problem only occurs with one site, which resides on a very carefully maintained server. Another site I'm involved with, on a 'bargain' server, has no problems. Anyway, back to the problem...

Made a 'test' account (guest accounts disappear when you log out, so you can't do iterative testing) and LS asked for a access that turned into a rule permitting server: any; port: 21; protocol: 6 (TCP).

That didn't seem too different from anything I'd seen in my original investigations so I did a bit of fiddling to find out if any of my pref panes were at issue (I was most concerned about ASM and Default Folder). No problem there.

Went back to my own account with log-in items off and entered a new rule for Cyberduck of server: any; port: 21; protocol: 6 (TCP). Bang - Cyberduck logs in successfully.

Tried Dreamweaver - no go. Instead I get a message telling me to toggle passive FTP. Go back to LS Config and type in a new rule based on one for Cyberduck: server: [IP address] port: 21; protocol: any. Same response - DW tells me to go fiddle with the 'passive' checkbox.

So I type in another rule for Dreamweaver - server: any; port: any; protocol: 6 (TCP). Bang - Dreamweaver lets me in. Hurrah. Log out and in with all login items on, bang, I'm in again.

So, at this point, I don't know why any of this was happening, but the issue seemed to be that when using both Cyberduck and Dreamweaver, LS was not giving me the opportunity to say yes or no to the connection; it simply didn't happen. And, as I said above, the problem only occurred with one very professional ISP. A mystery.

If I can answer any questions, please let me know.

Post Reply