If your FTP server is located behind a Checkpoint firewall, you may have experienced trouble with FTP clients trying to transfer files to/from it. The issue happens both with Chilkat and other FTP clients (such as WS_FTP).
The issue has to do with this error: "PORT command ended without new line"
The Checkpoint firewall demands every FTP control packet to end with a new-line character. Although the FTP client is sending commands properly terminated by a CRLF, it’s possible that the command arrives in separate TCP/IP packets.
The FTP service definition in FireWall-1 can be modified to allow packets without new line characters. To do this, it is necessary to modify the $FWDIR/lib/base.def file on the Management station to turn off the new-line characters check.
Comment out this line in base.def:
#define FTP_ENFORCE_NL
change this to:
// #define FTP_ENFORCE_NL
NOTE: This line disables an FTP Security check, and therefore reduces the level of security provided by the firewall. However, an alternative check happens if this line is present:
#define FTP_CHECK_PACKET
If it exists, it is safe to comment out the "FTP_ENFORCE_NL" line without reducing the level of security.
NOTE: The Chilkat last-error log will not explicitly show an error that indicates "port command not ended with newline", but will instead show something such as:
SOCKET_ERROR: An existing connection was forcibly closed by the remote host.
