LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Fedora (https://www.linuxquestions.org/questions/fedora-35/)
-   -   can't upload with ftp from FC3 (https://www.linuxquestions.org/questions/fedora-35/cant-upload-with-ftp-from-fc3-406525/)

belliott4488 01-22-2006 09:42 AM
can't upload with ftp from FC3
 
Sorry, to double-post, but I thought I might be more likely to get help here than in Linux-Security, where I first posted this question.

Quote:
Originally Posted by belliott4488
I'm running Fedora Core 3, including SELinux. Today I attempted to upload some files to a web server for the first time, but I couldn't quite do it.

(Actually, my 'put' command seemed to succeed in blowing away the file I was trying to upate, since the web site I'd just agreed to try and maintain for someone stopped responding - I was updating the index.html file. I had to boot up my Win2K machine just to do the ftp.)

I can establish the connection and log on, but any command that uses the data port seems to fail. Here's a simple example session:

Code:
[bruce@localhost ~]$ ftp -d users.XXXX.net
Connected to users.XXXX.net.
220 www2.XXXX.net FTP server (Version wu-2.8.0-prerelease(1) Tue Dec 6 22:11:18 PST 2005) ready.
---> AUTH GSSAPI
500 AUTH command not supported.
---> AUTH KERBEROS_V4
500 AUTH command not supported.
KERBEROS_V4 rejected as an authentication type
Name (users.megapathdsl.net:bruce): ZZZZZZ
---> USER ZZZZZZ
331 Password required for ZZZZZZ.
Password:
---> PASS XXXX
230 User ZZZZZZ logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (XX,80,60,21,108,140)

receive aborted
waiting for remote to finish abort
ftp>
(I've x'd out the server and username.)
The session just hangs after the "Entering Passive Mode ..." message. If I wait long enough, it just times out; this time I CTRL-C'd out of it. I get the same response if I do a "put" or a "get".

I was able to ftp successfully from the same machine after I rebooted in Win2K, so I'm guessing this has something to do with the firewall on the Linux side.

What should I do?

thanks,
Bruce

nx5000 01-23-2006 03:24 AM
Did you also use the passive mode under w2k? If yes, then your firewall (and/or NAT) is causing problems.

You need to have the ftp conntrack for iptables.

And I bet XXX= mega... :)

Don't double post, the correct place for this thread would have been network as ftp is not linked to fedora and there is no security issue.

belliott4488 01-23-2006 07:26 AM
Quote:
Originally Posted by nx5000
Did you also use the passive mode under w2k? If yes, then your firewall (and/or NAT) is causing problems.

You need to have the ftp conntrack for iptables.

And I bet XXX= mega... :)

Don't double post, the correct place for this thread would have been network as ftp is not linked to fedora and there is no security issue.
Sorry about the incorrect posting, but I wasn't sure where to post since I wasn't sure what the problem was, e.g. if Fedora has a unique way of configuring its firewall or something.

I've found out that the server I was trying to connect to doesn't allow passive mode transfers, so I think the problem is with my firewall, i.e. if I have to use active ftp, it has to allow the remote server to connect to my data port.

Are firewall questions security-related or network-related? I'd like to carry on this thread in the appropriate forum, I'm just confused ...

And BTW ... how did you guess that domain name? Are they big in the hosting world? I'm new to all this and hadn't even heard of them before.

thanks,
Bruce

nx5000 01-23-2006 08:29 AM
Quote:
Originally Posted by belliott4488

Are firewall questions security-related or network-related? I'd like to carry on this thread in the appropriate forum, I'm just confused ...

And BTW ... how did you guess that domain name? Are they big in the hosting world? I'm new to all this and hadn't even heard of them before.

thanks,
Bruce
227 Entering Passive Mode (XX,80,60,21,108,140)

Here is the IP adress ;) you could edit your post to remove it.

Well, for me firewall not working fall under network configuration but I'm not maintainer of the website , you can put them in one of them (not both eheh)

Anyway, you seem to know how active/passive command/data port in ftp work. If you also know how iptables works , grep google or linuxquestions for ftp conntrack, it is was you need.

belliott4488 01-23-2006 06:33 PM
Quote:
Originally Posted by nx5000
227 Entering Passive Mode (XX,80,60,21,108,140)

Here is the IP adress ;) you could edit your post to remove it.

Well, for me firewall not working fall under network configuration but I'm not maintainer of the website , you can put them in one of them (not both eheh)

Anyway, you seem to know how active/passive command/data port in ftp work. If you also know how iptables works , grep google or linuxquestions for ftp conntrack, it is was you need.
duh ... yeah, IP address, huh. :rolleyes: thanks.

And actually, my problem turned out to be good ol' user error. I has assumed that since my ftp client reported that is was entering passive mode, that it had been in active mode before that. Not so. When I explicitly disable passive mode (by typing "passive") I can connect just fine. No firewall problem.

Sorry for the wasted bandwidth ...

- Bruce

daltxguy 01-25-2006 05:48 AM
Not wasted bandwidth as I just experienced this same issue and your hint to enter passive mode was exactly what I needed. Thanks.

Steve


All times are GMT -5. The time now is 01:46 PM.