TWSD-621 - [HSOL-4161] FTPS data connection communication fails
Review Request #811 — Created April 20, 2025 and submitted
| Information | |
|---|---|
| weikai | |
| APV10 | |
| rel_apv_10_7 | |
| TWSD-621 | |
| Reviewers | |
| mingji, timlai, timsu | |
The firewall rule was previously being removed at an incorrect timing,
causing the data channel to be blocked by the firewall before data transmission was complete.
Testing showed that even if the rule is removed upon the FTPS data channel (encrypted mode) termination event, some packets may still be in transit.
Therefore, an additional management mechanism has been established.The management of firewall rules for the FTPS data channel(encrypted mode).
1. Connect: Add the new "bound_pcb" to the "recod_bound_pcb_tailhead" list.
2. Disconnect: Add the "bound_pcb" with a timestamp to the "next_del_bound_pcb_tailhead" list from the "recod_bound_pcb_tailhead" list.
3. Other event: Check each "bound_pcb" in "next_del_bound_pcb_tailhead" and delete those that have exceeded 0.05 seconds.
- Set up FTP service (not FTPS)
- Configure SLB for FTPS <-> FTP on APV
- Use Core FTP LE 2.2 and FileZilla 3.68.1 as client software
a. Upload and download a 10 MB file 25 times each
b. Upload and download a 100 MB file 25 times each
c. Upload and download a 1 GB file 15 times each
d. Upload and download a 3 GB file 5 times each
