Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
07-19-2004, 10:00 PM
|
#1
|
|
Member
Registered: May 2004
Location: Malaysia
Distribution: Fedora Core 15, Open Suse 11.4, Ubuntu 11.04, Knoppix 5.1.1, Debian 6.0
Posts: 42
Rep: 
|
FTP Connection error
G'day. I tried to connect to my Web Server(remote) using ftp but received the following error messages:
LOCAL -> Connecting to (sinaran.net*****.com).
LOCAL -> Connected to (sinaran.net*****.com) -> IP: 204.92.xxx.xxx PORT: 21.
LOCAL -> Socket connected waiting for login sequence.
REMOTE -> Ftp server ready.
COMMAND -> USER xxxxxxx
REMOTE -> User xxxxxxx okay, need password.
COMMAND -> PASS **********
REMOTE -> You are user #17 of 350 simultaneous users allowed.
REMOTE ->
REMOTE -> Restricted user logged in.
COMMAND -> SYST
REMOTE -> UNIX Type: L8
COMMAND -> REST 100
REMOTE -> Will attempt to restart at position 100.
COMMAND -> REST 0
REMOTE -> Will attempt to restart at position 0.
COMMAND -> PWD
REMOTE -> "/" is cwd.
COMMAND -> TYPE A
REMOTE -> Type okay.
COMMAND -> PORT 192,168,xxx,xxx,4,176
REMOTE -> PORT command successful.
LOCAL -> Opening data connection IP: 192.168.xxx.xxx PORT: 1200.
COMMAND -> LIST -a
ERROR -> Cannot connect to 218.208.xxx.xxx:50243 - Connection refused.
ERROR -> Connection closed.
Where 218.208.xxx.xxx is my PPPoE IP Address. My Internet gateway server is RedHat 9 while the client is Win98 PC. If I connect directly from the server(RedHat), there is no problem.
Thank you in advance for your help.
Regards,
Sim.
|
|
|
|
|
07-19-2004, 11:40 PM
|
#2
|
|
Senior Member
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791
Rep:
|
could be your firewall is not allowing passive ftp. Upper ports need to be open to allow passive-ftp-data.
|
|
|
|
|
07-20-2004, 12:49 AM
|
#3
|
|
Member
Registered: May 2004
Location: Malaysia
Distribution: Fedora Core 15, Open Suse 11.4, Ubuntu 11.04, Knoppix 5.1.1, Debian 6.0
Posts: 42
Original Poster
Rep:
|
Thank you for your advice, Ppuru. How do I set the iptables to allow passive ftp in my case?
How do I open up upper ports to allow passive-ftp-data?
Thank you once again.
|
|
|
|
|
07-20-2004, 01:47 AM
|
#4
|
|
Senior Member
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791
Rep:
|
Actually there is no such thing as passive-ftp-data. Non-passive ftp connections use 2 ports to connect.
ftp - port 21 to connect and authenticate and ftp-data - port 20 to upload/download data.
Passive ftp too uses 2 channels - ftp - port 21 to negotiate the connection and upper ports 1024 or above for exchanging data.
If you have MASQERADING already in place, you may must need to load the ip_conntrack _ftp module using either modprobe or insmod on the RH9 gateway.
Last edited by ppuru; 07-20-2004 at 01:50 AM.
|
|
|
|
|
07-20-2004, 10:23 PM
|
#5
|
|
Member
Registered: May 2004
Location: Malaysia
Distribution: Fedora Core 15, Open Suse 11.4, Ubuntu 11.04, Knoppix 5.1.1, Debian 6.0
Posts: 42
Original Poster
Rep:
|
G'day. What I noticed was that when I used my Gateway Server (RedHat 9) to ftp, it connected at port 219.95.xxx.xxx:30xxx when I issued ls command & the connection was OK. Whereas, ftp with my Win98 client, it connected at port 219.95.xxx.xxx:50xxx & when I issued ls command, it said connection refused. Any idea?
Thanks.
Regards,
Sim.
|
|
|
|
|
07-20-2004, 11:02 PM
|
#6
|
|
Senior Member
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791
Rep:
|
Win98 ftp client does not support PASV ftp mode. I am not sure whether IE on Win98 supports Passive FTP ... you may need to set it in the Advanced Options.
|
|
|
|
|
07-20-2004, 11:56 PM
|
#7
|
|
Member
Registered: May 2004
Location: Malaysia
Distribution: Fedora Core 15, Open Suse 11.4, Ubuntu 11.04, Knoppix 5.1.1, Debian 6.0
Posts: 42
Original Poster
Rep:
|
Thank you for your help, ppuru. You're right, it's the passive ftp support problem. I can now use IE to browse my ftp site.
Regards,
Sim.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 11:27 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
