LinuxQuestions.org
Old 12-26-2005, 08:22 PM   #1
yimboli
LQ Newbie
 
Registered: Feb 2004
Distribution: Slackware
Posts: 24

Rep: Reputation: 15
proftpd only works in standalone mode, not inetd mode (slack 10.2)


Hi all

Subject says it all. I'll sort my information according to the value assigned to ServerType in /etc/proftpd.conf.

When ServerType is set to "inetd":
1. I have confirmed that inetd is running with
Code:
root@yimux:/home/yimboli# ps aux | grep inetd
root      1262  0.0  0.2   1412   504 ?        Ss   20:54   0:00 /usr/sbin/inetd
root      1604  0.0  0.3   1676   612 pts/1    S+   21:00   0:00 grep inetd
2. I cannot ftp into localhost at all
Code:
yimboli@yimux:~$ ftp localhost
ftp: connect: Connection refused
ftp> quit
yimboli@yimux:~$
3. proftpd reads
Code:
ServerType                      inetd
4. I also cannot ftp into my linux box from my windows box (both behind my router)

When ServerType is set to "standalone":
1. I can get the ftp server to work, as demonstrated here:
Code:
yimboli@yimux:~$ ftp localhost
ftp: connect: Connection refused
ftp> quit
yimboli@yimux:~$ su root
Password:
root@yimux:/home/yimboli# proftpd
root@yimux:/home/yimboli# exit
exit
yimboli@yimux:~$ ftp localhost
Connected to localhost.
220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [127.0.0.1]
Name (localhost:yimboli): yimboli
331 Password required for yimboli.
Password:
230 User yimboli logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
2. My /etc/proftpd.conf file looks like this
Code:
# This is a basic ProFTPD configuration file.
# It establishes a single server and a single anonymous login.
# It assumes that you have a user/group "nobody" and "ftp" 
# for normal/anonymous operation.

ServerName			"ProFTPD Default Installation"
ServerType			standalone
#ServerType			inetd
DefaultServer			on

# Port 21 is the standard FTP port.
Port				21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			30

# Set the user and group that the server normally runs at.
User				nobody
Group				nogroup

# This next option is required for NIS or NIS+ to work properly:
#PersistentPasswd off

SystemLog			/var/log/proftpd.log
TransferLog			/var/log/xferlog

# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite		on
</Directory>

# A basic anonymous FTP server configuration.
# To enable this, remove the user ftp from /etc/ftpusers.
<Anonymous ~ftp>
  RequireValidShell		off
  User				ftp
  Group				ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias			anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients			50

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin			welcome.msg
  DisplayFirstChdir		.message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>

  # An upload directory that allows storing files but not retrieving
  # or creating directories.
#  <Directory incoming/*>
#    <Limit READ>
#      DenyAll
#    </Limit>
#
#    <Limit STOR>
#      AllowAll
#    </Limit>
#  </Directory>

</Anonymous>
3. I *can* ftp into my linux box from my windows box (both behind my router)

4. People outside my network *cannot* ftp into my linux box, getting this error message: DOH how do I upload an image???


This is my fourth or so time installing slackware, but I never had this problem before. It is, however, my first time installing 10.2. Any ideas as to why inetd won't work? I know, someone might say "don't fix it if it's not broken", but unless I'm mistaken, inetd is the preferred way to run proftpd, so I'd like to get to the bottom of this.

Last edited by yimboli; 12-26-2005 at 10:09 PM.
 
Old 12-27-2005, 07:32 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,925

Rep: Reputation: 1327
To use proftpd (and any other ftp daemon) through inetd you should add, or edit (if it exists) the following line in /etc/inetd.conf.
Code:
ftp    stream  tcp     nowait  root    /usr/sbin/tcpd  /path/to/proftpd
and then restart inetd.
 
Old 12-27-2005, 06:19 PM   #3
yimboli
LQ Newbie
 
Registered: Feb 2004
Distribution: Slackware
Posts: 24

Original Poster
Rep: Reputation: 15
getting closer...

Hi bathory

Thanks for the reply. Here's how /etc/inetd.conf reads now:

Code:
# These are standard services:
#
# Very Secure File Transfer Protocol (FTP) server.
#ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  vsftpd
#
# Professional File Transfer Protocol (FTP) server.
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/proftpd
#
# Telnet server:
#telnet stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
#
Unfortunately, I still get an error when I ftp into localhost:
Code:
root@yimux:/home/yimboli# ftp localhost
Connected to localhost.
421 Service not available, remote server has closed connection
ftp>
I did make sure inetd was running:
Code:
root@yimux:/home/yimboli# ps -A|grep inetd
 1668 ?        00:00:00 inetd
root@yimux:/home/yimboli#
Note that this is definitely an improvement on the previous error, which happened before I altered /etc/inetd.conf:
Code:
root@yimux:/home/yimboli# ftp localhost
ftp: connect: Connection refused
ftp>
I'm still at a loss, but at least I'm making progress...

Also, I seem to recall a suave way to restart processes with ps... is there one? There must be an easier way than piping ps through grep, killing the pid, and starting the process again.
 
Old 12-27-2005, 06:35 PM   #4
yimboli
LQ Newbie
 
Registered: Feb 2004
Distribution: Slackware
Posts: 24

Original Poster
Rep: Reputation: 15
Never mind on that last post, proftpd.conf still had ServerType set to standalone, so I changed it to inetd and restarted inetd! Woohoo! So let me get this straight, if I wanna change proftpd to standalone mode, I need to change ServerType in proftpd.conf to standalone, and ALSO comment out the line about proftpd in inetd.conf, correct????

Still wondering about a one-line process restart command

Also, here's my latest FTP woe: FTP works fine if I plug the cat5e cord from my cable modem DIRECTLY into my linux box and let them figure out the IP. However, if I put my router between the cable modem and the linux box, people cannot see the contents of the folders, but they can log in. Specifically, when peter logs in with his user and pass, they are accepted as correct, and internet explorer proceeds to lag out after 300 seconds of sending directory requests (I assume they are directory requests because the only thing that ever shows up in the folder contents portion of the window is an hourglass). I have ports 20 and 21 forwarded on my router to my linux box.

Also, so you don't think I'm asking a question empty-handed, I used ethereal to capture some packets when I tried to ftp from my windows machine to the linux box using the ROUTER's ip address (in other words I think this approach mimics an outside person ftping in), and noticed that my windows box sent the request FROM its port 4049 (a random choice I think) TO port 21 on the router, which was then forwarded to the linux box. I cannot, however, figure why the connection lags out. I'm almost positive it's router-related because, like I said, FTP works like a charm if I plug my internet DIRECTLY into the linux box, but it stops when I put the router in the middle.

Suggestions?
 
Old 12-28-2005, 07:39 AM   #5
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,925

Rep: Reputation: 1327
Quote:
if I wanna change proftpd to standalone mode, I need to change ServerType in proftpd.conf to standalone, and ALSO comment out the line about proftpd in inetd.conf, correct????
Correct!!
As for the rest, you should use passive mode to be able to browse your ftp server, or forward also port 20 (which is the ftp data port) from the router to your ftp server. If you have done that with no success, then maybe it's iptables that prevents active ftp.
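Added example (not part of the thread or of ProFTPD itself): a small Python check for the rule confirmed above, that the `ftp` line in `/etc/inetd.conf` and `ServerType` in `/etc/proftpd.conf` must agree. The two embedded file samples are constructed from the excerpts quoted in this thread, and the function names are hypothetical.

```python
import re

# Constructed samples modelled on the two files quoted in this thread.
INETD_CONF = """\
#ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  vsftpd
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/proftpd
#telnet stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
"""
PROFTPD_CONF = """\
ServerName      "ProFTPD Default Installation"
ServerType      standalone
#ServerType     inetd
Port            21
"""

def inetd_runs_proftpd(inetd_text):
    """True if an uncommented 'ftp' service line launches proftpd."""
    for line in inetd_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # Fields: service, socket type, protocol, wait flag, user, program, args
        if fields[0] == "ftp" and any(f.endswith("proftpd") for f in fields[5:]):
            return True
    return False

def active_server_type(proftpd_text):
    """Return the first uncommented ServerType value, or None if absent.
    Assumes the file carries a single active ServerType line."""
    for line in proftpd_text.splitlines():
        m = re.match(r"\s*ServerType\s+(\S+)", line, re.IGNORECASE)
        if m:
            return m.group(1).lower()
    return None

def check_launch_mode(inetd_text, proftpd_text):
    """Return (consistent, message) for the inetd.conf / proftpd.conf pair."""
    via_inetd = inetd_runs_proftpd(inetd_text)
    stype = active_server_type(proftpd_text)
    if via_inetd and stype != "inetd":
        return False, "inetd.conf launches proftpd but ServerType is %s" % stype
    if not via_inetd and stype == "inetd":
        return False, "ServerType is inetd but no active ftp line launches proftpd"
    mode = "inetd" if via_inetd else "standalone"
    return True, "launch mode is consistent (%s)" % mode

if __name__ == "__main__":
    print(check_launch_mode(INETD_CONF, PROFTPD_CONF))
```

The first mismatch is the state behind the 421 reply in post #3; the second matches the "Connection refused" in post #1.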
 
Old 12-28-2005, 08:05 AM   #6
yimboli
LQ Newbie
 
Registered: Feb 2004
Distribution: Slackware
Posts: 24

Original Poster
Rep: Reputation: 15
okay, I'll have to check those out after work... but one thing is confusing me already: passive vs. active mode. When I've logged into FTPs on my windows box, I've never had to select an active or passive mode, so I'm unclear as to how such a change helps me when I'm remotely logging in.

Also, it seems like my linux box is set up just right now, with my router being the problem. proftpd is running in inetd mode, like I want it to. And good old peter copied 155 megs of stuff last night from my FTP, but that was when my cable modem was plugged directly into the linux box. Now, however, with the cable modem going to the router, and the router going to both the linux box and the windows box, I'm having issues, even though I forward both ports 20 and 21 to my linux box.

But wait, you mentioned IP tables... now I'm wondering if that's the problem. I have no clue what ip tables are, but from the sound of it, my initial thoughts are that by adding a device with its own IP address (router), I might mess up the "ip table"?

The list of things to research grows and grows! So much to learn with linux, so little time off... I guess it would help if my job was remotely related to computer stuff.

Thanks for the help, I'll look into ip tables.
 
Old 12-28-2005, 08:19 AM   #7
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,925

Rep: Reputation: 1327
Iptables (note: it's one word, not two: ip tables) is a sort of firewall installed by default in most modern Linux distros, which prevents unauthorized access to your box's ports. You have to "open" a port in iptables rules to be able to use that port.
 
Old 12-28-2005, 10:51 AM   #8
yimboli
LQ Newbie
 
Registered: Feb 2004
Distribution: Slackware
Posts: 24

Original Poster
Rep: Reputation: 15
Oh, now I see. I remember something about that when I had a call of duty 1 server running in slack 8.something on my college lan. Let me ask from the theoretical perspective though, if the FTP worked fine without the router, doesn't that show that there are no firewall/iptable issues? adding a router between the linux box and the internet cloud wouldn't make my *linux box* the actual problem, would it? I'm more inclined to investigate my router as the culprit.

Again, I'll check this when I get home.

Last edited by yimboli; 12-28-2005 at 11:01 AM.
 
Old 12-30-2005, 08:48 AM   #9
yimboli
LQ Newbie
 
Registered: Feb 2004
Distribution: Slackware
Posts: 24

Original Poster
Rep: Reputation: 15
strange

It seems that directory requests work in command line programs (such as ftp in winxp's command prompt, or ftp in linux), but they time out in GUIs (internet explorer on my winxp, and also the gui on my friend's apple). Has anyone heard of this problem?
 
Old 01-24-2006, 12:49 PM   #10
xhi
Senior Member
 
Registered: Mar 2005
Location: USA::Pennsylvania
Distribution: Slackware
Posts: 1,065

Rep: Reputation: 45
sounds like an issue with the mode..

I'm pretty sure IE can only do one or the other and not both.. I think it normally is set to use passive.. if you do not have your server set up to accept passive connections.. then you will time out in IE.. there is a way to change IE I'm sure.. but you would be better off to use passive on the server..
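Added example (not written by any poster in this thread): a Python sketch of why a passive-mode client can log in through a NAT router yet hang on directory listings when only ports 20 and 21 are forwarded. It parses the server's `227` reply and checks the advertised data endpoint against the router setup; the sample replies, the addresses (192.168.1.10 and 203.0.113.7) and the 49152-65534 range are constructed for illustration.

```python
import ipaddress
import re

PASV_RE = re.compile(r"^227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_pasv(reply):
    """Return (host, port) advertised in a '227 Entering Passive Mode' reply."""
    m = PASV_RE.match(reply)
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in %r" % reply)
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]   # port is sent as two bytes, high then low
    return host, port

def diagnose(reply, control_peer, forwarded_ports):
    """List reasons an outside client cannot open the data connection.

    control_peer: address the client used for the port 21 connection
    (the router's public address). forwarded_ports: ports the router
    forwards to the FTP server.
    """
    host, port = parse_pasv(reply)
    peer = ipaddress.IPv4Address(control_peer)
    problems = []
    if host != peer and any(host in net for net in RFC1918):
        problems.append("server advertises private address %s, "
                        "unreachable from outside the router" % host)
    if port not in forwarded_ports:
        problems.append("data port %d is not forwarded by the router" % port)
    return problems

# Constructed replies: the server behind NAT, before and after configuration.
BEFORE = "227 Entering Passive Mode (192,168,1,10,195,80)."
AFTER = "227 Entering Passive Mode (203,0,113,7,195,80)."

if __name__ == "__main__":
    print(diagnose(BEFORE, "203.0.113.7", {20, 21}))
    print(diagnose(AFTER, "203.0.113.7", range(49152, 65535)))
```

On the server side, ProFTPD's `MasqueradeAddress` and `PassivePorts` directives control the address and port range announced in the 227 reply; the same port range then has to be forwarded on the router.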
 
  

