Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] FTP packet is dropped by FTP ALG due to no CRLF (\r\n) at end of FTP header

0

0

Article ID: KB31131 KB Last Updated: 12 Sep 2016Version: 1.0
Summary:

This article describes why an FTP packet is dropped by FTP ALG due to no CRLF at the end of an FTP header.

CRLF: Carrige Return(\r) / Line Feed(\n)
Symptoms:

The following packet capture is one of the standard FTP control packets. The CRLF(\r\n) is seen at the end of the FTP header in the control packet.

In this case, FTP ALG forwarded this packet.






However, another FTP application used LF(\n) instead of CRLF(\r\n), as seen in the following packet capture.

In this case, FTP ALG will drop this packet as a malformed FTP packet by default.



Solution:

FTP ALG checks the FTP format to see if the FTP control packet ends with CRLF.

SRX supports CRLF for FTP control packet by default. It also supports LF if the following command is configured:

#set security alg ftp line-break-extension

For line-break-extention configuration, see ftp (Security ALG):

line-break-extension—Enable line-break-extension. This option will enable the FTP ALG to recognize the LF as line break in addition to the standard CR+LF (carriage return, followed by line feed).

Notes:
  • If FTP control packet does not end with CRLF or LF, FTP ALG is not able to forward the FTP packet. SRX does not support this scenario.
  • This may occur in a scenario where the FTP data packet uses the same port number as the FTP control packet. This may happen if there is an FTP proxy server between an SRX and an FTP server.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search