Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I am running RH Fedora Core 3. I installed FTP from the install CDs. I have port 21 forwarding on my router and the linux firewall has ftp open. The vsftpd.conf file shows anonymous_enable=YES and local_enable=YES.
Here's the weird part...
From a command prompt, I can type "ftp localhost" and connect using my username and pwd.
From my windows machine, I can connect using ws_ftp and the internal 192.168... NAT address using my username and pwd.
When I try to connect using my server address (i.e. myserver.myhost.org), I can't connect. Most of the time, ws_ftp spins its wheels and will give me the connect sound (train whistle) after about three minutes but it obviously isn't connected since it doesn't show any files or folders. I was noodling with the conf file and set anonymous_enable=NO and ws_ftp gave me an "unable to connect" error rather quickly. I have also tried setting connect_from_port_20=NO (it's currently set to YES) and restarting the service but that didn't help.
I have reset the config file to its defaults. I'm relatively new to linux and don't want to break anything.
What am I missing? vsftpd is obviously running but it will only listen to internal requests.
vsftpd doesn't know the difference from internal or external requests from your setup. If you're sure port 21 is forwarding to your server from your router, you now need to make sure your ISP doesn't block port 21, etc. What kind of router is this?
On several distributions, the default for xinetd is to have "only_from = localhost" set in xinetd.conf. If you have vsftpd launched from xinetd - as opposed to running as a daemon - you should have a look at this file and the vsftpd xinetd.d entry to make sure they allow external access.
It's a linksys befsr41 cable/dsl router. I can check on port blocking, that makes sense. I'll look and see how to specify listening on another port and maybe try that, too (unless you can give me a hint).
I didn't find a vsftpd entry in xinetd.d. Is there anything wrong with running it as a daemon?
Originally posted by bubby I didn't find a vsftpd entry in xinetd.d. Is there anything wrong with running it as a daemon?
There is absolutely nothing wrong running it in standalone mode.
But yes, try to set it up so it possibly listens on port say.. 2121, if that works after forwarding that port to your server, it could very well be that your ISP blocks port 21 to prevent people from running FTP servers, etc.
might be funny but
- do you have a firewall?
- is the firewall accepting incoming connections on ftp port number?
- like trickykid said could be your isp too you can try different ports. If you don't run a web server try to run ftp server on port 80.
No firewall. The Fedora firewall is set to allow FTP.
I went to Shields Up!! (https://grc.com/x/ne.dll?bh0bkyd2) and probed port 21. At first, it came back as open. I read some information about port 20 & 21 related ot FTP and decided to probe ports 20-22. 20 came back open but 21 came back as "stealth." According to the description, "Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). "
Does this mean it's being blocked? Or does it mean my system is not configured properly?
Incidentally, SSH and port 22 work fine.
I also tried running it on port 2121 but that even failed with the internal NAT address.
Here's the connection log from ws_ftp if it's helpful (IPs and names hidden)
Finding Host unclebubby.dnsalias.org ...
Connecting to xxx.xxx.xxx.xxx:21
Connected to xxx.xxx.xxx.xxx:21 in 0.000000 seconds, Waiting for Server Response
220 (vsFTPd 2.0.1)
Host type (1): Automatic Detect
331 Please specify the password.
230 Login successful.
215 UNIX Type: L8
Host type (2): Unix (Standard)
250 Directory successfully changed.
200 Switching to ASCII mode.
227 Entering Passive Mode (192,168,1,99,190,15)
connecting data channel to 192.168.1.99:190,15(48655)
Substituting connection address xxx.xxx.xxx.xxx for private address 192.168.1.99 from PASV
200 PORT command successful. Consider using PASV.
425 Failed to establish connection.
Could it be that I'm connecting from the same IP and it doesn't like that I'm routing outside to come back in? I'll try connecting from a remote computer and see how it goes.