VSFTPD Error 550 I can upload, but Cannot download, any ideas?
Ok so this is my config, is something wrong with it?
I have created the anonymous folder and gave it the proper permissions, yet I can only upload and create files, if I try to download I get Error Code 550 cannot change directory. I would also like to point out the local accounts are fully functional, and my problem is with anonymous downloaders only. ftp://spoofzor.serveirc.com/anonymous/ |
Ok FAIL, I can now down files of zero file size. Which the files are NOT zero file size, thisi is driving me nuts!
Where is the fail in this conf??? I want local users confined to theri own private directories and have anonymous ftp enabled as well, but so far this is turning into a fiesta of failure. # Standalone mode listen=YES max_clients=200 max_per_ip=4 # Access rights chroot_local_user=YES anonymous_enable=YES local_enable=YES write_enable=YES anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=NO # Security anon_world_readable_only=YES connect_from_port_20=YES hide_ids=YES pasv_min_port=50000 pasv_max_port=60000 # Features xferlog_enable=YES ls_recurse_enable=NO ascii_download_enable=YES async_abor_enable=YES # Performance one_process_model=YES idle_session_timeout=120 data_connection_timeout=300 accept_timeout=60 connect_timeout=60 anon_max_rate=500000 Oh it gets even better, after I rebooted with this conf, the FTP server is now completely dead. |
Are you running a firewall? Is the PASV mode port range (ports 50000-60000) allowed through it? I've found that a lot of problems like the ones you described are caused by problems with passive mode.
|
so this conf has ports set to 5000-6000???
Yeah Im natted behind a Mikrotik firewall but port 21 is allowed. And fully natted. Plus the testing im doing is being done at a local level so the firewall is not an issue. Should I disabled this passiv mode and how so? FAILURE #1 PORTS 5000-6000 Waiting to retry... Status: Connecting to 10.10.10.2:6000... Status: Connection attempt failed with "ECONNREFUSED - Connection refused by server". Error: Could not connect to server ------------------------------------------------------------------------------------- FAILURE #2 PORT 21 Status: Connecting to 10.10.10.2:21... Status: Connection established, waiting for welcome message... Response: 500 OOPS: vsftpd: security: 'one_process_model' is anonymous only Error: Critical error Error: Could not connect to server Ok the above errors I fixed by Setting one_process_model=NO And I complety removed these two lines as I have no intention on using those absurd ports pasv_min_port=50000 pasv_max_port=60000 Now heres the problem, I can connect, and I can see the files, but I cannt download Command: PASS ************** Response: 230 Login successful. Command: OPTS UTF8 ON Response: 200 Always in UTF8 mode. Status: Connected Status: Starting download of /anonymous/Perl/Exploit.Perl.BadBlue.zip Command: CWD /anonymous/Perl Response: 250 Directory successfully changed. Command: TYPE I Response: 200 Switching to Binary mode. Command: PASV Response: 227 Entering Passive Mode (10,10,10,2,91,34) Command: RETR Exploit.Perl.BadBlue.zip Response: 550 Failed to open file. Error: Critical error Someone plz help or ill be at this for days on end furthering my downward spiral into anti-socialism |
It's 50000-60000, not 5000-6000. It's likely that you have to use passive FTP or else nothing will work, at least not unless the client has no firewall or NAT router in between it and the server. You need to understand how FTP actually works, there are two ports used, one for control/commands and the other for data. I wrote up an explanation awhile back in this thread (post #5 IIRC). Basically if your server is behind a NAT firewall, you need to make sure that the passive mode ports are also forwarded through the router to the server. You might want to use a smaller range than 10K ports. Unless you have many, many clients, a few hundred should be sufficient.
|
what should I do differently?
I have a similar problem.
This is the result I get: Code:
Name (my.i.p.addr:me): anonymous |
Ah. This resolved my issue:
Quote:
http://www.linuxquestions.org/questi...or-4175469673/ |
All times are GMT -5. The time now is 04:16 PM. |