LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 04-11-2013, 09:47 PM   #1
dougan
LQ Newbie
 
Registered: Apr 2013
Posts: 3

Rep: Reputation: Disabled
vsftpd behind router


I am trying to set up an FTP server on my home network. I am having trouble connecting from the WAN.

I am running vsftpd on Raspbian on a raspberry pi. I have an Asus router with DD-WRT installed.

I have made the following adjustments to my /etc/vsftpd.conf file:
anonymous_enable=NO
local_enable=YES
write_enable=YES
listen_port=2121
pasv_min_port=1024
pasv_max_port=1030
pasv_address=[my dyndns address]
pasv_addr_resolve=YES

The listen_port=2121 is because Charter blocks port 21.

I have my router (DD-WRT)set up to forward ports 2121, 20, and the range of 1024 to 1030 to my raspberry pi's LAN IP.

However, I am having trouble connecting from outside my network. When I run the command-line windows ftp from my computer at my work, I am able to log in. Once I am logged in, I have an exchange like this:

230 Login successful.
ftp> pwd
257 "/home/dougan"
ftp> ls
550 Permission denied.
425 Use PORT or PASV first.
ftp> literal pasv
227 Entering Passive Mode (68,187,99,74,4,2).
ftp> pwd
257 "/home/dougan"
ftp> ls

It just hangs for awhile before I get:

425 Failed to establish connection.

It keeps behaving like I'm having port forwarding problems, but I have everything set up in DD-WRT so it can't be that. Does anybody have any ideas?
 
Old 04-12-2013, 01:08 AM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,261

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
You may need to add some modules for cxn tracking for ftp:

http://wiki.openwrt.org/doc/howto/netfilter
http://www.linuxhomenetworking.com/w...Using_iptables
http://www.cyberciti.biz/tips/how-do...g-feature.html

Alternately, if this is for a limited group of known clients, sftp would be simpler and also encrypted.
 
Old 04-12-2013, 03:38 PM   #3
jefro
Guru
 
Registered: Mar 2008
Posts: 11,340

Rep: Reputation: 1386Reputation: 1386Reputation: 1386Reputation: 1386Reputation: 1386Reputation: 1386Reputation: 1386Reputation: 1386Reputation: 1386Reputation: 1386
If you test within the lan does it work?
 
Old 04-14-2013, 01:12 PM   #4
dougan
LQ Newbie
 
Registered: Apr 2013
Posts: 3

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by jefro View Post
If you test within the lan does it work?

Yes, it works just fine within the LAN.
 
Old 04-14-2013, 01:37 PM   #5
dougan
LQ Newbie
 
Registered: Apr 2013
Posts: 3

Original Poster
Rep: Reputation: Disabled
Forgive me, because I am not fully familiar with how iptables works. But the fact that this works fine on my LAN makes me think I can rule out need to update iptables on the FTP server. I guess I could see why it would need to be done on the router, though.

I've found a lot of documentation, including jefro's, and they all seem to differ. I tried this on my router:

iptables -A INPUT -p tcp -s 0/0 --sport 1024:1030 -d [WAN dyndns address] --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s [WAN dyndns address] --sport 22 -d 0/0 --dport 1024:1030 -m state --state ESTABLISHED -j ACCEPT

This did not do it for me. Can anybody help me understand what I should be doing here?

Thanks!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd behind router not working in some cases setdosa Linux - Networking 9 05-09-2008 09:22 AM
vsftpd hiding behind router claudermilk Linux - Networking 5 04-09-2004 12:50 PM
VSFTPD and DSL router probs nuzzy Linux - Networking 0 02-11-2004 10:37 AM
vsftpd, router and external access; Oh my! Imyrryr Linux - Networking 14 09-07-2003 09:22 AM
vsftpd behind router doing nat - enabling passive alansk Linux - Software 0 07-16-2003 06:13 AM


All times are GMT -5. The time now is 08:34 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration