LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 10-27-2003, 04:23 PM   #1
simonmccourt
LQ Newbie
 
Registered: Sep 2003
Posts: 22

Rep: Reputation: 15
Question vsftpd - local connection refused


Hello,
I'm trying to run vsftpd on redhat 8. I had it accepting anon connections a few days ago but it decided yesterday not to do so any more. I can connect to 127.0.0.1 no problem but cannot connect to my eth0 IP even from the machine itself. The error message I get is simply "Connection refused".
I have no firewalling in place. I have an entry in hosts.allow of "vsftpd: ALL".
While we're on the subject, can anyone point me to a good site that gives comprehensive, step-by-step instructions for setting up vsftp? I'd eventually like to get this machine accepting authenticated users only.
Thanks in advance for you flep.
Si
 
Old 10-28-2003, 01:34 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Welcome to LQ.

Is the service listening on addresses other than the loopback? post the output of:
netstat -nlp
iptables -L

You cna get lots of info about config options by running:
man smb.conf
 
Old 10-29-2003, 06:02 AM   #3
simonmccourt
LQ Newbie
 
Registered: Sep 2003
Posts: 22

Original Poster
Rep: Reputation: 15
Thanks. I'll get that info later today and post it.
 
Old 10-30-2003, 12:51 AM   #4
simonmccourt
LQ Newbie
 
Registered: Sep 2003
Posts: 22

Original Poster
Rep: Reputation: 15
Looks like port 21 is listening...

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN 543/rpc.statd
tcp 0 0 127.0.0.1:32769 0.0.0.0:* LISTEN 677/xinetd
tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN 690/lpd Waiting
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 524/portmap
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 858/X
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 677/xinetd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 662/sshd
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 677/xinetd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 712/sendmail: accep
udp 0 0 0.0.0.0:32769 0.0.0.0:* 543/rpc.statd
udp 0 0 0.0.0.0:68 0.0.0.0:* 450/dhclient
udp 0 0 0.0.0.0:719 0.0.0.0:* 543/rpc.statd
udp 0 0 0.0.0.0:111 0.0.0.0:* 524/portmap

IPTABLES
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
 
Old 10-30-2003, 01:50 PM   #5
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
That should be fine - can you post your config file too.
 
Old 10-30-2003, 04:40 PM   #6
simonmccourt
LQ Newbie
 
Registered: Sep 2003
Posts: 22

Original Poster
Rep: Reputation: 15
Can do...but before you go any further I should tell you I have since reinstalled but am still having this issue. I removed the RPM and downloaded the latest tarball from http://vsftpd.beasts.org.
This conf file is different from what I had before but the error message is identical.

# Access rights
anonymous_enable=YES
local_enable=NO
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
# Security
anon_world_readable_only=YES
connect_from_port_20=YES
hide_ids=YES
pasv_min_port=50000
pasv_max_port=60000
# Features
xferlog_enable=YES
ls_recurse_enable=NO
ascii_download_enable=NO
async_abor_enable=YES
# Performance
one_process_model=YES
idle_session_timeout=120
data_connection_timeout=300
accept_timeout=60
connect_timeout=60
anon_max_rate=50000
 
Old 10-30-2003, 05:54 PM   #7
simonmccourt
LQ Newbie
 
Registered: Sep 2003
Posts: 22

Original Poster
Rep: Reputation: 15
This is interesting. I tested telnet to see if maybe the problem wasn't just with vsftp and, sure enough, I'm having the same problem; I can telnet to localhost but not to my IP.

This makes me think maybe it's the firewall, but as you know I've flushed all my iptables.
Any thoughts?

On a related note, if I open the GUI for the firewall (I run Red Hat 8.0) and change the setting from, say, 'High' to 'No Firewall', click OK, and then reopen the tool...it appears that the configuration is exactly as it was before I made the change. I think I remember reading somewhere that the GUI will always display the same setting no matter what. This makes no sense to me. In fact, I'm fairly sure I've seen the GUI reflect the way I most recently set it. But now it stays the same.

Is there a reason why my firewall changes apparently don't stick?
 
Old 10-31-2003, 12:43 PM   #8
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Lookit - the firewall tool does not remember firewall rules so you need to apply them each time or better yet just write a simple bash script.

Can you ping your own IP?
 
Old 10-31-2003, 11:10 PM   #9
shadow
LQ Newbie
 
Registered: Feb 2003
Distribution: Redhat 8
Posts: 19

Rep: Reputation: 0
I HAD A SIMILAR PROBLEM AND I SET THE FTP CLIENT TO RUN IN PASSIVE MODE AND IT WORKS FINE NOW
 
Old 11-01-2003, 12:33 AM   #10
adz
Senior Member
 
Registered: Jun 2003
Location: Sydney
Distribution: Debian, FreeBSD
Posts: 1,713

Rep: Reputation: 53
No need to shout...
 
Old 11-01-2003, 04:50 AM   #11
simonmccourt
LQ Newbie
 
Registered: Sep 2003
Posts: 22

Original Poster
Rep: Reputation: 15
OK, this is REALLY embarrassing.

Um...I was trying to connect to the wrong IP. You'd think that would be the first thing I'd check, but oh no...it was actually the LAST thing I checked.

Sshhh...don't tell anyone.
 
Old 11-01-2003, 11:49 AM   #12
simonmccourt
LQ Newbie
 
Registered: Sep 2003
Posts: 22

Original Poster
Rep: Reputation: 15
OK, so now I can connect anonymously. What I want is to set up authenticated access. So I followed the instructions here,
ftp://vsftpd.beasts.org/users/cevans...L_USERS/README

However, when I try to authenticate now I get a "530 Login incorrect" error. I checked /var/log/messages and the last entry is as follows:
localhost pam_userdb[1358]: user_lookup: could not open database `/etc/vsftpd_login.db'
Permissions for this database are shown below,
-rw------- 1 root root 12288 Nov 1 13:07 vsftpd_login.db

Any thoughts?
 
Old 11-01-2003, 01:11 PM   #13
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
I've never setup vsftpd to authenticate to an extra database like that before but I would guess that you don't have Berkley DB installed.
 
Old 11-02-2003, 10:27 AM   #14
simonmccourt
LQ Newbie
 
Registered: Sep 2003
Posts: 22

Original Poster
Rep: Reputation: 15
I installed it alright. That's how I created the db in the first place.
 
Old 11-02-2003, 10:31 AM   #15
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Are you sure the db files is /etc/vsftpd_login.db and not /etc/vsftpd/vsftpd_login.db or somethign else?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Socket Connection Failed: 111 Connection Refused degraffenried13 Linux - General 3 05-31-2009 01:17 AM
vsftpd no connection other than local killahsmurf Linux - Networking 3 04-13-2005 02:42 AM
ZEBRA :telnet local host 2604 refused?? Y fhameed Linux - Networking 0 12-08-2004 11:19 AM
vsftpd connection refused rhonneil Linux - Newbie 0 09-25-2003 12:30 AM
vsftpd Connection Refused Errors SForsgren Linux - General 2 04-26-2003 11:46 PM


All times are GMT -5. The time now is 07:35 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration