Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am having trouble with vsftp. The problem I am having is trying to get the vsftpd to permit PASV mode connections. At the moment, it isn't accepting PASV mode. When I connect and have PASV turned on in my ftp client, I get the following:
220 Welcome to the FTP Server.
USER myftpuser
331 Please specify the password.
PASS (password not shown)
230 Login successful.
PWD
257 "/"
TYPE A
200 Switching to ASCII mode.
CWD /
250 Directory successfully changed.
PASV
227 Entering Passive Mode (210,19,194,98,146,112)
LIST
It then just sits there until it times out. No directory listing, nothing. If I connect with PASV mode turned off, I can access correctly. As you can see from my vsftpd.conf file listed below, I have pasv_enable=YES so I am somewhat confused as to why it wouldn't permit me to get directory listings etc. in pasv mode.
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
ftpd_banner=Welcome to the FTP Server.
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
listen=NO
chroot_local_user=YES
passwd_chroot_enable=YES
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.userlist_file
pasv_enable=YES
pasv_address=x.y.w.z (I have a fixed IP which I have removed for this post)
I have noted that there has been some discussion where people have problems access in pasv mode due to router problems. Currently I am trying to first establish everything working from my internal network so the router shouldn't be an issue(I think, but external connections to my FTP are finding the same result). However, incase it is, I am using a Dlink DI-704P with firmware v3.04. The firewall is run by the router and not my linux box so I assume it isn't a firewall issue.
Passive and active FTP mode are only different in one aspect. The port numbers they use.
Active mode uses ports 20 and 21 on the server. Passive mode uses ports 20 and a port > 1024.
Ports < 1024, called privileged ports, are reserved for certain protocols (ie port 80 => always HTTP protocol).
Servers offering HTTP service (ie web service) will thus need to open port 80.
Ports > 1024, on the other hand, are free to be used by any application in principle. Because these ports are used by clients when they connect to a server on a privileged port, servers usually have blocked access to these ports (servers aren't intended for running client apps). However, passive ftp is an exception to this rule of thumb.
Maybe your firewall doesn't allow access to ports > 1024 on the server, thus blocking any data from passing
when you're in passive mode.
To solve that:
-decide on a range of port numbers (not just one, but ie 100 consecutive numbers) above 1024 to be used for passive FTP.
-unblock access to those ports on the firewall
-make sure the ftp server uses a port in the chosen range for passive ftp.
Your suggestion seemed to work. I find it very strange since I was trying to connect from behind the firewall so the ports on the router shouldn't have made a difference but they did. Anyway, I'm grateful it is now working. Thanks
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.