publicfile is DJB's read-only FTP / HTTP server
When entering PASV mode, the FTP server in publicfile
responds by saying: 227 =1,2,3,4,187,162 where 220.127.116.11 is
the server's ip and 256*187 + 162 is the port.
However, it isn't clear what a 227 answer should look like
given the RFC and as it happens, DJB's 227 =1,2,3,4,187,162
line trips up Linux ftp connection tracking code. The fix is to make
the line read: 227 Entering Passive Mode(1,2,3,4,187,162)
instead. Here's a patch.
I found this because I eroneously had ftp connection tracking on
the server running ftpd. Everything worked great until the server
needed to respond to a PASV request from the client. I straced the
calls, and sure enough, ftpd was sending the response but nothing
was showing up in a tcpdump on any interface! Turns out, the
connection tracking code was eating it because it didn't understand
it! The messages in dmesg were the clue that helped figure that one