Resolve simple NAT issues

patrickjuchli · patrickjuchli · commit 7767a614fd2c · 2018-04-23T20:28:04.000+02:00
diff --git a/lib/ftp.js b/lib/ftp.js
@@ -516,6 +516,13 @@ function enterPassiveModeIPv4(ftp) {
                 task.reject("Can't parse PASV response: " + res.message);
                 return;
             }
+            // If the host in the PASV response has a local address while the control connection hasn't,
+            // we assume a NAT issue and use the IP of the control connection as the target for the data connection.
+            // We can't always perform this replacement because it's possible (although unlikely) that the FTP server
+            // indeed uses a different host for data connections.
+            if (ipIsPrivateAddress(target.host) && !ipIsPrivateAddress(ftp.socket.remoteAddress)) {
+                target.host = ftp.socket.remoteAddress;
+            }
             const handleConnErr = function(err) {
                 task.reject("Can't open data connection in passive mode: " + err.message);
             };
@@ -572,6 +579,19 @@ function parseIPv4PasvResponse(message) {
     };
 }
 
+/**
+ * Returns true if an IP is a private address according to https://tools.ietf.org/html/rfc1918#section-3
+ * 
+ * @param {string} ip  The IP as a string, e.g. "192.168.0.1"
+ * @returns {boolean} true if the ip is local.
+ */
+function ipIsPrivateAddress(ip = "") {
+    const octets = ip.split(".").map(o => parseInt(o, 10));
+    return octets[0] === 10                                             // 10.0.0.0 - 10.255.255.255
+        || (octets[0] === 172 && octets[1] >= 16 && octets[1] <= 31)    // 172.16.0.0 - 172.31.255.255
+        || (octets[0] === 192 && octets[1] === 168);                    // 192.168.0.0 - 192.168.255.255
+}
+
 /**
  * Upload stream data as a file. For example:
  * 
