When you connect to a site via FTP, you are opening a control channel. Commands to change directory, list files, etc, all go through the control channel. But for actual file transfers, FTP (the protocol) specified that a separate active connection initiated from the server end should be established (so that control over the session could be maintained via the control channel even while a file transfer was occuring over the data channel). Obviously, if a server tries to open a separate socket to your laptop the firewall is going to block it.
To deal with this problem, FTP also permits "passive" connections, in which the data is sent via the control channel. In the command line FTP client, you can use the -p command line flag (at least, the OS/X version of ftp(1) supports this). Or hunt for a suitable setting in your GUI program.
One thing gives me cause for concern: the OS/X command line FTP client defaults to passive connections these days, by design. This bears some digging ...
no subject
When you connect to a site via FTP, you are opening a control channel. Commands to change directory, list files, etc, all go through the control channel. But for actual file transfers, FTP (the protocol) specified that a separate active connection initiated from the server end should be established (so that control over the session could be maintained via the control channel even while a file transfer was occuring over the data channel). Obviously, if a server tries to open a separate socket to your laptop the firewall is going to block it.
To deal with this problem, FTP also permits "passive" connections, in which the data is sent via the control channel. In the command line FTP client, you can use the -p command line flag (at least, the OS/X version of ftp(1) supports this). Or hunt for a suitable setting in your GUI program.
One thing gives me cause for concern: the OS/X command line FTP client defaults to passive connections these days, by design. This bears some digging ...