Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a bad problem with ftp. When I try to login to my webserver out on the net from my linux box on my lan, it hangs. I get:
Code:
[adam@gondor adam]$ ftp 212.227.119.104
Connected to 212.227.119.104 (212.227.119.104).
220 FTP Server ready.
Name (212.227.119.104:adam): myusername
421 Login Timeout (30 seconds): closing control connection.
Login failed.
No control connection for command: Permission denied
ftp>
Basically it hangs after I enter the user name.
Strangely, it works from my windows box on the same LAN.
One question.
The server ftp requires a password for your user.
Notes: the ftp command run in tcp 20 and the data run in tcp 21, may be possible that you need run a module for ftp.
I'm having a very similiar problem, only my FT hangs after I enter the password. It only does this when I enter the correct password (if I enter the incorrect one the ftp server responds immediately). It happens no matter what FTP client I use (I've tried five) on Linux, but on Windows (from the same machine, dual-boot) I can connect just fine. Anyone have any suggestions, this is really frustrating.
Distribution: Slackware 13; Ubuntu Raspberry Pi OS
Posts: 255
Rep:
Are you running any firewalling stuff? Sounds like it's going into passive mode then timing out. You log in using port 21 and I think it is switching to port 22 after you authenticate.
Oh yeah, you might check /etc/hosts.allow and /etc/hosts.deny to make sure there isn't anything blocking local addresses.
I am running iptables, and below is part of my script. However I have run this for a year without changing it - or at least I think I have. But now I'm looking at it again, I'm not so sure that I'm allowing the right stuff back in on the tcp2 chain. I've removed parts of the script that aren't directly related to the ftp.
Code:
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -N tcp_bad
echo " - drop non-SYN packets"
iptables -A tcp_bad -p tcp ! --syn -m state --state NEW -j DROP
echo " - do some checks for obviously spoofed IP's"
iptables -A tcp_bad -i eth1 -s 192.168.0.0/16 -j DROP
iptables -A tcp_bad -i eth1 -s 10.0.0.0/8 -j DROP
iptables -A tcp_bad -i eth1 -s 172.16.0.0/12 -j DROP
echo " setting up 2nd tcp chain for TCP connections.."
echo " - accepting SYN, ESTABLISHED, RELATED"
iptables -N tcp2
iptables -A tcp2 -p TCP --syn -j ACCEPT
iptables -A tcp2 -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A tcp2 -p TCP -j DROP
echo " setting up 1st chain for TCP.."
iptables -N tcp_ok
iptables -A tcp_ok -p TCP -s 0/0 --dport 21 -j tcp2
iptables -A tcp_ok -p TCP -s 0/0 --dport 22 -j tcp2
iptables -A tcp_ok -p TCP -s 0/0 --dport 80 -j tcp2
iptables -A tcp_ok -p TCP -s 0/0 --dport 113 -j tcp2
echo " setting up INPUT chain.."
echo " - first filter thro tcp_bad..."
iptables -A INPUT -p TCP -j tcp_bad
iptables -A INPUT -p TCP -i eth1 -j tcp_ok
iptables -A INPUT -p ICMP -i eth1 -j icmp_ok
iptables -A INPUT -p ICMP -i eth1 -j icmp_ok
iptables -A INPUT -p UDP -i eth1 -j udp_ok
iptables -A INPUT -p ALL -i lo -d 127.0.0.1 -j ACCEPT
iptables -A INPUT -p ALL -i lo -s 192.168.1.254 -j ACCEPT
iptables -A INPUT -p ALL -i eth0 -s 192.168.1.0/8 -j ACCEPT
iptables -A INPUT -p ALL -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
echo " setting up OUTPUT chain.."
iptables -A OUTPUT -p TCP -j tcp_bad
iptables -A OUTPUT -p ALL -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -p ALL -s 192.168.1.254 -j ACCEPT
iptables -A OUTPUT -p ALL -o eth0 -j ACCEPT
iptables -A OUTPUT -p ALL -o eth1 -j ACCEPT
echo -e "\nfirewall done.\n"
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.