LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 10-24-2007, 06:58 AM   #1
snowx
LQ Newbie
 
Registered: Apr 2007
Posts: 4

Rep: Reputation: 0
Active FTP problem with vsftpd


Hi,
I want to run an Active FTP server with vsftpd service on SuSE 10 Enterprise Server ...

my vsftpd.conf file :
=====================================
anonymous_enable=NO
chroot_local_user=YES
listen=YES
local_enable=YES
pam_service_name=vsftpd
pasv_enable=NO
pasv_promiscuous=YES
session_support=NO
use_localtime=YES
xferlog_enable=YES
async_abor_enable=YES
connect_from_port_20=YES
download_enable=NO
local_umask=0027
=====================================
With this configuration I can ftp with shell but can't ftp using firefox and give me an error : "550 permission denied" .
Also when I ftp with shell , I run a command on server : "netstat -na | grep -i :20" and my port 20 is not open for this Active FTP !!!
I have no use any firewall : iptables or rcSuSEfirewall2 and my network not closed for ports 20 , 21 .

Where is my mistake ?!

Last edited by snowx; 10-24-2007 at 09:04 AM.
 
Old 10-24-2007, 11:04 AM   #2
selva146
Member
 
Registered: Oct 2007
Location: INDIA
Distribution: Rehat, Fedora, RHEL
Posts: 47

Rep: Reputation: 15
Hi,
When you run the active or passive ftp server, first it only listens on port 21(command port).

In Active Mode :

If any requests comes for port 21, then
Server creates aconnection from port 20(server side) to port (client request port +1) client side

so port 20 is open during the data transfer only. it will not open always.


In Passive mode :

If any requests comes for port 21, then
Server send the client on which port client should connect to server for data transfer;
so client initiates connection from (client request port +1) to server's mentioned port
 
Old 10-24-2007, 12:18 PM   #3
snowx
LQ Newbie
 
Registered: Apr 2007
Posts: 4

Original Poster
Rep: Reputation: 0
Dear Selva146
I wrote for you , when I try to access ftp from firefox I have an error : "550 permission denied ", It's before data transfering !
 
Old 10-25-2007, 10:46 AM   #4
selva146
Member
 
Registered: Oct 2007
Location: INDIA
Distribution: Rehat, Fedora, RHEL
Posts: 47

Rep: Reputation: 15
Hi

FTP error codes

550 - No such file or directory
550 - Permission Denied.

So i think you trying to access a directory which you do not have permission to access.

ensure that you have permission
 
Old 10-25-2007, 11:10 AM   #5
BPS
LQ Newbie
 
Registered: Sep 2007
Posts: 5

Rep: Reputation: 0
just open all the socket and yo will be free to use anything in your server, hahahaha
 
Old 10-25-2007, 03:39 PM   #6
gerben12
LQ Newbie
 
Registered: Oct 2007
Distribution: SuSE, Redhat, Debian
Posts: 25

Rep: Reputation: 15
Hello,

I think I had the same problem.

Try (depending on your distro though):

In your firewall settings in
/etc/sysconfig/iptables-config

edit:
IPTABLES_MODULES"ip_nat_ftp"
and restart iptables and vsftpd

And if you use IE7 as a broswer, also edit the conf-file with:
chroot_list=YES
Or else you will see the ROOT! directory.

Last edited by gerben12; 10-25-2007 at 03:41 PM. Reason: typo's
 
Old 10-27-2007, 12:29 AM   #7
snowx
LQ Newbie
 
Registered: Apr 2007
Posts: 4

Original Poster
Rep: Reputation: 0
Thank for your comments

Dear Selva146
when I try ftp with firefox in passive-mode , I don't have any error and have access to files easily !
I have " 550 - Permission denied " error only in active-mode ftp ... so I think permision is OK , NO ?!

Dear BPS
I don't know How do I do this ...!
Please guide me ... and tell me what does happen for my security after this ?
I think your answer is near to problem

Dear Gerben12
I don't use iptables ... but I'm trying chroot_list !
You think my problem is solved with chroot_list ?!
 
Old 10-27-2007, 07:05 AM   #8
gerben12
LQ Newbie
 
Registered: Oct 2007
Distribution: SuSE, Redhat, Debian
Posts: 25

Rep: Reputation: 15
Hi,

No your pprlem wont beesolved bby the chroot list, but that a bug in IE7 I saw.

There is an option in vsftp on which you can enable passive ftp:
put this line in you vsftpd.ccnf

pasv_enable = YES (or NO, depending on your current config)

and restart vsftpd
That hould solve a passive ftp-probem.

Last edited by gerben12; 10-27-2007 at 07:30 AM.
 
Old 10-27-2007, 09:18 AM   #9
snowx
LQ Newbie
 
Registered: Apr 2007
Posts: 4

Original Poster
Rep: Reputation: 0
Dear Gerben12
I don't want to use passive mode for security reasons ...
I just running Active-mode FTP
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd non-annoy ftp cannot upload, mkdir problem sleepyhomme Linux - Server 2 04-29-2007 12:39 PM
vsftpd ftp problem kehkok Linux - Networking 1 09-19-2006 10:20 AM
FTP: active and passive mode problem with some windows client tda71 Linux - Networking 2 06-14-2005 09:31 AM
Konqueror FTP passive/active problem & .netrc perl21 Linux - General 0 03-17-2005 05:43 PM
FTP Problem (VSFTPD) williew Linux - Software 0 01-01-2005 11:15 AM


All times are GMT -5. The time now is 10:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration