Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to set up an FTP server on my Debian system, but it appears I port 21 is blocked. I do have an ftp server installed (proftpd).
This is what it says when I try and log in through ftp locally:
Connected to localhost.localdomain.
421 Service not available, remote server has closed connection
If I change the port to something other than 21, it allows me to connect in. So what could be causing this to be blocked? This is a fresh installation by the way.
Which I assume means there is no firewall. And tcpdump shows that there is at least some traffic going on... not really sure what it means though. But at least its not completely blocked. Anything else to try
And tcpdump shows that there is at least some traffic going on... not really sure what it means though. But at least its not completely blocked. Anything else to try
Yes, posting the result of tcpdump
When you do this, change your IPs if they are public and they appear (probably localhost will show so no problem).
Code:
tcpdump -i lo
I see connected and then connection closed (421). Do these 2 events happen with a delay between them? like more than 3 seconds or is it instantaneous?
Yes that would be an idea. I wanted to tell the OP to try with netcat.
Because actually the message "connected" doesn't mean anything if I remember well?!
(The 1649 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
20/tcp open ftp-data
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
113/tcp open auth
139/tcp open netbios-ssn
445/tcp open microsoft-ds
548/tcp open afpovertcp
631/tcp open ipp
934/tcp open unknown
3306/tcp open mysql
5432/tcp open postgres
11:57:41.513373 IP localhost.localdomain.ftp > localhost.localdomain.38213: F 1:1(0) ack 1 win 32767 <nop,nop,timestamp 15837738 15837237>
The connection is made,
No ident is asked by the server (optionnal)
No rDNS request is done (optionnal)
No Welcome message is sent (not good)
The connection is closed after 5s, probably the time out of ftpserver.
Could you try with another ftp server?
You say that it works on another port right?
Hum.. still no more clue Out of idea here but interested.
edit:
Could be an iptables conntrack helper module, that's the only that I can see that uses specifically the port 21.
check if ip_conntrack_ftp is or not in lsmod on the server.
Yeah I've tried 3 different ftp servers. All the same results. The strange thing is, I was using an older server originally but it had the same setup exactly, and there were no problems.
ip_conntrack_ftp is not in lsmod
And yes it does work on other ports. How strange eh?
Its working now! A co-worker of mine who is much more versed in Linux than I am tried his hand at it (its a slow day here. lol)
This is what it looks like happened:
I had originally set proftpd to start with inetd. For whatever reason it doesn't seem to work that way, so I set it up as a standalone program. But I guess in my lack of linux knowledge, I didn't take it out of inetd so it was trying to start it both ways. We figured it out from checking the syslog file. It was saying:
Code:
Feb 22 14:12:24 localhost proftpd[1342]: connect from 192.168.0.75 (192.168.0.75)
Feb 22 14:12:25 localhost proftpd[1343]: localhost.localdomain - Failed binding to 0.0.0.0, port 21: Address already in use
Feb 22 14:12:25 localhost proftpd[1343]: localhost.localdomain - Check the ServerType directive to ensure you are configured correctly.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.