Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I've set up an FTP server with vsFTPd, and I can connect when on the same machine that the server is running. However, when attempting to connect from another machine on the internet, or even on the same LAN, the connection always fails. Port forwarding on the router is enabled. When attempting to connect over the internet via FileZilla, this is displayed:
Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
Fedora used to have iptables setup by default, I think. Does it still? Add an ACCEPT line to /etc/sysconfig/iptables:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
Well, just copy one that's in there and change the port to 21; what I've got above might not match exactly with whatever is in there.
I'm sure there's plenty of other things that can go wrong, too. Make sure you have the vsftpd conf file setup in a sane way. But the above is what usually caught me when I'd install new services on RedHat-flavor systems.
... Can you ping the host? Are there other servers living on the box (can you visit the box via HTTP?)
Last edited by jhwilliams; 07-18-2009 at 08:34 PM.
Thanks for your help, the server accepts connections from the internet now. However there's an new problem now... I'm not sure if FTP is really your thing, but if you can help with this one that'd be great. The server accepts the connection but then the connection times out then client sends a LIST command. FileZilla Displays:
Response: 227 Entering Passive Mode (192,168,1,5,193,118).
Status: Server sent passive reply with unroutable address. Using server address instead.
Error: Connection timed out
Error: Failed to retrieve directory listing
But when connecting from a LAN or locally, it works just fine...
Hm, I don't think I've got an answer for that -- I haven't really spent much time vsftpd, or even ftp in a while. I think everyone is pretty much using sftp (via ssh(d)) for file transfer these days. Is there some reason you don't want to use ssh?
I do plan to use SSH in the future with FTP, but I just wanted to get a simple server going so I could learn the basics. And I did solve one problem on my own, where the server specifies its address in passive mode, (I needed to input my WAN address into the config file), but it still times out when the list command is sent. This doesn't happen when it's accessed from the LAN, however.
Based on what you've posted, it sounds like the server is behind a nat router and does not know the external (internet facing) address of the router. So when it attempts to establish the data connection, it's sending it own internal address, which is meaningless outside of the local network. It needs to be sending that external address, since that is the address the client and server will use for the data transfer. I haven't used vsFTP, but somewhere in the configuration files it should ask you for that address. Make sure you get it from the router.
Hi Bill, of course you are right, the problem with the second post was due to not having configured the wan address in the config, but Kenji fixed that himself as he describes in the third post. The problem now appears to be that the router is not tracking the ftp connection. The data connection is established on a random port on the server. Giving the wan address won't help here because the wan address belongs to the router and the router does not know how / care to forward the random port opened by the server. In any case, Kenji has stopped responding so probably he has already fixed it or switched to using SFTP which is easier to set up.
I have seen adsl routers that came with the ISP package which simply did not support ftp tracking. If the router supports it, it usually has some sort of higher level 'ftp service' option in the gui. If you find yourself opening port 21 and forwarding it to a natted server, you probably have a router that does not support ftp tracking. In those cases, I had to setup the router in bridged mode and set up a linux server to act as the firewall and to take care of connection tracking.