Upgraded the firmware on my DSL router last night. Since then my blogging hasn’t been working. As Blogger uses PASV FTP I assumed that the new firmware didn’t support it. That’d be odd I thought.
Finally tracked down the problem.
My firewall is configured to accept PASV on a specified port range. By this, I mean I have NAPT entries for the range forwarding to my FTP server.
My FTP server is set to respond with an IP address to contact ‘me’ on and a port number randomly allocated from said range.
Seems the new version of the firewall was doing NAT translations in the control channel response from the FTP server to client. So when my machine was sending out a response saying ‘contact me on 220.127.116.11:port’ the router wasn’t doing anything clever and let it pass, and then my blogger tried to contact me the router didn’t pass the request through correctly.
When I changed the FTP server to respond with ‘contact me on 10.0.0.1:port’ the router was spotting this and NATting it and passing it to blogger.com, then when the request came back from blogger.com it let it through.
I’ve made quite a few presumptions in the above statement, it could be that the new firewall firmware was blocking the initial PASV response from my FTP server as it may have appeared to be sourced from the WAN IP address.
What I do know is that I can now blog again AND keep the updated version of the firmware. (Not that the firmware has anything too exciting in it, but theres more buttons, checkboxes and menus so it must be better.)