LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   ProFTPd connections hanging - port 113? (https://www.linuxquestions.org/questions/linux-networking-3/proftpd-connections-hanging-port-113-a-207932/)

JamesF1 07-21-2004 12:27 PM
ProFTPd connections hanging - port 113?
 
Hi guys,

I've been pulling my hair out with a proftp problem for a few months now and I'm at a loss as to why it doesn't work.

Almost everyone globally have no problem connecting to Ftp in passive and active modes but a group of people within a particular external network only get as far as the inital login stages - or slightly further before their connection hangs and times out. But they have no problem with ftp connections to other sites.

I've read somewhere that this has to do with port 113 authentication. The administrator of the affected network has told me that he is seeing port 113 traffic to my server and this is being filtered out on their firewall which explains why the connection timing out.

The server is in standalone mode on a Cobalt Raq3 machine. I've set IdentLookups off as well as ReverseDNS lookups off. I would have expected this to sort out the problem but it's still failing. Is there something I'm forgetting to disable? Could xinetd/inetd be opening connections on port 113?

James

http://www.linuxquestions.org/questi...ead&forumid=3#

ppuru 07-21-2004 10:17 PM
Try putting firewall rules that will REJECT ident traffic... MAY help.

JamesF1 07-22-2004 04:17 AM
I'm not sure that will work - they don't have this problem with other ftp sites but at this stage I'll try anything. Hopefully the server will be smart enough to realize the thinking behind it.


http://www.linuxquestions.org/questi...readid=207932#

ppuru 07-22-2004 11:31 AM
OK .. after doing some rethinking about your problem ... this group of people within a particular external network ... do they use any of those ubiquitous old non-linux OS to connect to your ftp server?

Some of these old non-Linux OSes have ftp clients that do not support passive ftp. They may need to enable passive ftp on their browsers to get to the linux-based ftp servers.

JamesF1 08-04-2004 10:16 AM
I've tried to "REJECT" the auth packets - no luck :-(

The internal users have an ftp application that can do passive ftp.

The server is running in standalone mode rather than inetd - I think this is useful to know but what I'd like to know is how do I disable the auth completely - or at least for the proftp service.


All times are GMT -5. The time now is 04:25 PM.