Active FTP problem with vsftpd
Hi,
I want to run an Active FTP server with vsftpd service on SuSE 10 Enterprise Server ... my vsftpd.conf file : ===================================== anonymous_enable=NO chroot_local_user=YES listen=YES local_enable=YES pam_service_name=vsftpd pasv_enable=NO pasv_promiscuous=YES session_support=NO use_localtime=YES xferlog_enable=YES async_abor_enable=YES connect_from_port_20=YES download_enable=NO local_umask=0027 ===================================== With this configuration I can ftp with shell but can't ftp using firefox and give me an error : "550 permission denied" . Also when I ftp with shell , I run a command on server : "netstat -na | grep -i :20" and my port 20 is not open for this Active FTP !!! I have no use any firewall : iptables or rcSuSEfirewall2 and my network not closed for ports 20 , 21 . Where is my mistake ?! |
Hi,
When you run the active or passive ftp server, first it only listens on port 21(command port). In Active Mode : If any requests comes for port 21, then Server creates aconnection from port 20(server side) to port (client request port +1) client side so port 20 is open during the data transfer only. it will not open always. In Passive mode : If any requests comes for port 21, then Server send the client on which port client should connect to server for data transfer; so client initiates connection from (client request port +1) to server's mentioned port |
Dear Selva146
I wrote for you , when I try to access ftp from firefox I have an error : "550 permission denied ", It's before data transfering ! |
Hi
FTP error codes 550 - No such file or directory 550 - Permission Denied. So i think you trying to access a directory which you do not have permission to access. ensure that you have permission |
just open all the socket and yo will be free to use anything in your server, hahahaha
|
Hello,
I think I had the same problem. Try (depending on your distro though): In your firewall settings in /etc/sysconfig/iptables-config edit: IPTABLES_MODULES"ip_nat_ftp" and restart iptables and vsftpd And if you use IE7 as a broswer, also edit the conf-file with: chroot_list=YES Or else you will see the ROOT! directory. |
Thank for your comments
Dear Selva146 when I try ftp with firefox in passive-mode , I don't have any error and have access to files easily ! I have " 550 - Permission denied " error only in active-mode ftp ... so I think permision is OK , NO ?! Dear BPS I don't know How do I do this ...! Please guide me ... and tell me what does happen for my security after this ? I think your answer is near to problem Dear Gerben12 I don't use iptables ... but I'm trying chroot_list ! You think my problem is solved with chroot_list ?! |
Hi,
No your pprlem wont beesolved bby the chroot list, but that a bug in IE7 I saw. There is an option in vsftp on which you can enable passive ftp: put this line in you vsftpd.ccnf pasv_enable = YES (or NO, depending on your current config) and restart vsftpd That hould solve a passive ftp-probem. |
Dear Gerben12
I don't want to use passive mode for security reasons ... I just running Active-mode FTP |
All times are GMT -5. The time now is 05:17 AM. |