LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 02-05-2004, 04:09 PM   #1
cevjr
Member
 
Registered: Jul 2003
Location: USA
Distribution: Slack 12.2 and Ubuntu 9.04
Posts: 61

Rep: Reputation: 15
ProFTPd - can connect locally but...Could it be that Verizon DSL does not allow port


I think everything is AOK! Could it be that Verizon DSL does not allow port forwarding??? I know this sounds strange but....

OK I have made some progress but still don't have 100% success.
Here's what I have so far:
I have a dynamically assigned IP address from Verizon DSL. I have proftpd up and running and I can ftp localhost.
I can also ftp 192.168.0.x from a PC on my local network. However if I were outside my local network and wanted to connect to the IP address assigned from Verizon...I would not be able to do it.

My setup:
Netgear Router/Nat portforwarding FTP port 21 to 192.168.0.x
firewall opened ports 20 and 21
/etc/hosts.allow has
ftpd: 19.2 192.168.0.x 151.xx.xx.xxx (I tried this hoping that it would allow incoming ftp connection from a specific address)

and my /etc/proftpd.conf file is the basic one:

ServerName "ProFTPD Default Installation"
ServerType standalone
DefaultServer on

# Port 21 is the standard FTP port.
Port 21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30

# Set the user and group under which the server will run.
User nobody
Group nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files to be overwriteable.
<Directory />
AllowOverwrite on
</Directory>

# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
User ftp
Group ftp
RequireValidShell no
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# Limit the maximum number of anonymous logins
MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
 
Old 02-05-2004, 06:44 PM   #2
Martin O
LQ Newbie
 
Registered: Dec 2003
Location: Dundee, Scotland
Distribution: Mandrake 9.2, Fedora Core 1
Posts: 4

Rep: Reputation: 0
Have you tried a portscan

Hi there,

Have you tried doing a portscan from outside your internal network ?

If you have nmap installed on the remote host you are trying to connnect from you can simply type:

nmap -sT your.public.ip.address

This should portscan your ip address and see what ports you can connect to on your ftp server.

If you can't see port 21 then there might be a problem with your firewall setup.

Hope this was a help to you!

Martin
 
Old 02-19-2004, 09:48 PM   #3
nktidwell
LQ Newbie
 
Registered: Feb 2004
Posts: 2

Rep: Reputation: 0
Unhappy

Verizon Online does not allow one to run a server... Details are at the verizon website, I tried the same my self...
 
Old 02-19-2004, 10:49 PM   #4
flashingcurser
Member
 
Registered: Jan 2003
Distribution: many win/nix/mac
Posts: 259

Rep: Reputation: 31
I'm curious, how does verison stop you?
 
Old 02-21-2004, 09:46 PM   #5
nktidwell
LQ Newbie
 
Registered: Feb 2004
Posts: 2

Rep: Reputation: 0
Question

They black hole port 80 incoming connections. There may be a way to get around this by using a different port (ie. 8080).
 
Old 02-22-2004, 04:42 PM   #6
cevjr
Member
 
Registered: Jul 2003
Location: USA
Distribution: Slack 12.2 and Ubuntu 9.04
Posts: 61

Original Poster
Rep: Reputation: 15
Verizon does not stop your FTP connection. I was wrong! The problem I had was that the Netgear MR814 router that I use does not allow more than 1 connection on the forwarded port. Since I was trying to connect from inside my network...it was preventing me. However when I went outside my local network (someone elses house - it worked). If this does not make sense let me know or go to http://kbserver.netgear.com/kb_web_f...sp#RP614Anchor

So, to summarize what I did:

for anonymous connection no uploading!
use proftpd-1.2.8-1386-2
modify files
/etc/ftpusers (get rid of ftp)
/etc/proftpd.conf (use the basic conf)
remember to port forward on router ports 20 & 21
remember to open ports 20 & 21 on firewall

USE gFTP for an ftp client
IF LOCAL
on client side: log into 192.168.x.x and do not allow passive

IF WWW (make sure you are outside of your local network)
on client side: log into ipaddressverizongives.x.x.x and do not allow passive/try passive
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Verizon DSL AlleyTrotter Slackware 6 11-01-2005 10:59 AM
route locally generated traffic to ip:port to localhost:port maenho Linux - Software 2 03-11-2005 04:08 AM
rerouting verizon DSL port 80 w/ router squi Linux - Networking 1 01-10-2004 11:59 PM
help me with my verizon DSL? kayiman74 Linux - General 3 01-12-2003 11:26 PM
Verizon DSL Skidde Linux - General 4 12-30-2002 02:07 PM


All times are GMT -5. The time now is 02:43 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration