LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 05-01-2013, 01:24 PM   #1
johngaz
LQ Newbie
 
Registered: May 2013
Posts: 4

Rep: Reputation: Disabled
vsftp server handling both active and passive connections


I have what I think is a very basic question but I cannot find a definite answer. I have a server that needs to be able to handle any type of FTP user active or passive and sftp I have sftp working and either active or passive not both. I am using vsftp but would be willing to change if I need different ftp version. I am running suse 11 sp2 I can connect with either passive or active depending on my configuration file, so is thers a ftp server taht can handle both a active and passive connection?
 
Old 05-01-2013, 02:17 PM   #2
Z038
Member
 
Registered: Jan 2006
Distribution: Slackware
Posts: 804

Rep: Reputation: 157Reputation: 157
vsftp supports both active and passive modes. The default for the pasv_enable configuration file directive is YES. If you specify NO, then vsftpd is forced to active mode only.
 
Old 05-01-2013, 02:53 PM   #3
johngaz
LQ Newbie
 
Registered: May 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
Thanks for the quick response but if I comment out the pasv_enable or set it to YES I cannot get ACTIVE to work it will only respond to PASSIVE request If I set it to NO only active works. So it sounds like what you are saying is if I have PASV_ENABLE set to YES I should be able to either passive or active connections which I do not seem to be able to accomplish.
 
Old 05-01-2013, 03:22 PM   #4
Z038
Member
 
Registered: Jan 2006
Distribution: Slackware
Posts: 804

Rep: Reputation: 157Reputation: 157
Yes, I'm saying that pasv_enable=YES (the default value for this parameter) should allow your vsftp server to support both active and passive mode.

I just tested it and both passive and active modes work correctly on my vsftp server. When I connect to my server from another system, it starts out in active mode. If I enter a command, it tells me to consider using PASV.

Code:
ftp> ls -al
200 PORT command successful.  Consider using PASV.
150 Here comes the directory listing.
  (directory listing displayed here)

ftp> passive
Passive mode on.
ftp> ls -al
227 Entering Passive Mode (192.168.1.15,117,146).
150 Here comes the directory listing.
  (directory listing displayed here)

ftp>
 
Old 05-01-2013, 04:20 PM   #5
johngaz
LQ Newbie
 
Registered: May 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
Just wondering what happens when you try to get or put a file?
 
Old 05-01-2013, 05:20 PM   #6
Z038
Member
 
Registered: Jan 2006
Distribution: Slackware
Posts: 804

Rep: Reputation: 157Reputation: 157
Here is a get for a file on the server, first in active mode, then in passive mode.

Code:
me@home7:/home/me$ ftp ftpsrv1
Connected to ftpsrv1.home.com.
220-Private FTP server - unauthorized access prohibited
220
Name (ftpsrv1:me):
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
ftp> cd ftp
250 Directory successfully changed.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-------    1 1000     104            10 May 01 16:59 a.file
226 Directory send OK.
ftp>
ftp> get a.file
local: a.file remote: a.file
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for a.file (10 bytes).
226 Transfer complete.
10 bytes received in 7.4e-05 secs (1.3e+02 Kbytes/sec)
ftp>
ftp>
ftp> passive
Passive mode on.
ftp> get a.file
local: a.file remote: a.file
227 Entering Passive Mode (192,168,1,15,117,144).
150 Opening BINARY mode data connection for a.file (10 bytes).
226 Transfer complete.
10 bytes received in 0.000708 secs (14 Kbytes/sec)
ftp>
As you can see, the get worked in both active and passive modes.

Are your clients Windows, *nix, Mac, or something else?

Have you set up your firewall to allow incoming connections to your server on port 21?

For active mode, does the firewall on your client systems allow the server to open a connection to port 20 on the client?

Do you have these directives in your config file? You might have different min/max port range.

Code:
connect_from_port_20=YES
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=30099
Did you open up your firewall for those ports too?

Code:
iptables -I INPUT -p tcp --destination-port 30000:30099 -j ACCEPT
Can you post your vsftpd.conf file?
 
Old 05-06-2013, 08:59 PM   #7
johngaz
LQ Newbie
 
Registered: May 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
Thanks again
looking at your vsftpd.conf file I have my setting set up on the server I have opened the ports on the firewall to allow traffic. I am testing with a ftp from the Windows command line. I have tried from different ISP's but still seem to have the issue.I think the problem may be in my firewall not sending the proper IP address back from the server. Since I know it should work I will look closer at my firewall settings thanks again
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP-active vs passive jmomlhm Linux - Networking 2 10-16-2012 02:04 PM
LXer: Ubuntu 9.10: FTP Active or Passive Connections LXer Syndicated Linux News 0 10-19-2009 09:00 PM
Proftpd passive connections gabsik Linux - Networking 5 06-18-2006 06:18 AM
passive+active connections and fxp+glftpd NonSumPisces Linux - Newbie 0 08-27-2004 01:39 PM
vsftp passive mode breaking bluethundr Linux - Networking 2 02-24-2004 07:13 AM


All times are GMT -5. The time now is 02:33 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration