LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices



Reply
 
Search this Thread
Old 11-10-2013, 06:10 PM   #1
markomarko
Member
 
Registered: Nov 2006
Location: Belgrade, Serbia
Distribution: Slackware
Posts: 67

Rep: Reputation: 19
ftp - vsftpd connection problem


Hi everybody.
I have slackware 14 and I'm trying to enable FTP server (vsftpd). It seems that it's working, but noone is able to connect.

What I have done:
1) uncommented in /etc/inetd.conf -> ftp stream tcp nowait root /usr/sbin/tcpd vsftpd

2) edited /etc/vsftpd.conf:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=000
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
nopriv_user=mata
ftpd_banner=Maretov FTP server.
userlist_file=/etc/vsftpd.user_list
userlist_enable=YES
userlist_deny=NO
chroot_local_user=YES
chroot_list_enable=NO
ls_recurse_enable=YES
listen=NO
allow_writeable_chroot=YES

3) restarted rc.inetd
/etc/rc.d/rc.inetd restart

When I try to connect from MY computer to MY IP (not 127.0.0.1 but my IP which I saw at whatismyip.com) through Firefox everything is ok and working, I can log in, browse, etc.
But when I give my IP to my friends they can't do it, they can't connect to my computer.

I hope that I explained well.

What I have to do?

Than you, best regards.
 
Old 11-11-2013, 12:46 AM   #2
Z038
Member
 
Registered: Jan 2006
Distribution: Slackware
Posts: 805

Rep: Reputation: 158Reputation: 158
You have anonymous logins disabled, so that means your friends must login as local users. Did you set up login accounts for your friends on your system and create their home directories?

Did you open up your firewall to forward incoming connections on port 21 to the system on your lan that runs your server?

If the answer to both of those questions is yes, then what messages do they see when they attempt to login? Do you see any vsftpd messages in /var/log/messsages, /var/log/syslog, or /var/log/secure?

Last edited by Z038; 11-11-2013 at 12:51 AM.
 
Old 11-11-2013, 06:37 AM   #3
dr.s
Member
 
Registered: Feb 2010
Distribution: Slackware64
Posts: 135

Rep: Reputation: 20
Quote:
Originally Posted by Z038 View Post
You have anonymous logins disabled, so that means your friends must login as local users. Did you set up login accounts for your friends on your system and create their home directories?
In addition to above, these users have to be added to the user list file (vsftpd.user_list).
 
Old 11-11-2013, 10:16 AM   #4
markomarko
Member
 
Registered: Nov 2006
Location: Belgrade, Serbia
Distribution: Slackware
Posts: 67

Original Poster
Rep: Reputation: 19
Thanx for quick response.

I made one user that would use ftp - user is "mata" and he has his own home dir - "drwxrwx--- 3 mata users 4096 Nov 10 23:43 mata"


"Did you open up your firewall to forward incoming connections on port 21 to the system on your lan that runs your server?"

I don't know:-) I have some kind of firewall it's in the attachment.


"If the answer to both of those questions is yes, then what messages do they see when they attempt to login? Do you see any vsftpd messages in /var/log/messsages, /var/log/syslog, or /var/log/secure?"

They can't even login. I gave them my ip ftp://109.121.***.*** and they couldn't open it through web browser, there was no username/password dialog.

This is "cat |grep ftp" from:
/var/log/messages

Nov 10 23:19:09 titan kernel: [ 3627.171118] type=1326 audit(1384121949.389:2): auid=4294967295 uid=1002 gid=100 ses=4294967295 pid=2306 comm="vsftpd" sig=31 syscall=37 compat=0 ip=0x7f7606223577 code=0x0
Nov 10 23:24:26 titan kernel: [ 3943.862997] type=1326 audit(1384122266.013:3): auid=4294967295 uid=1002 gid=100 ses=4294967295 pid=2328 comm="vsftpd" sig=31 syscall=37 compat=0 ip=0x7fab19dfe577 code=0x0
Nov 10 23:38:44 titan kernel: [ 4802.704005] type=1326 audit(1384123124.670:4): auid=4294967295 uid=1002 gid=100 ses=4294967295 pid=2538 comm="vsftpd" sig=31 syscall=37 compat=0 ip=0x7ff67d3a6577 code=0x0


/var/log/syslog

nothing


/var/log/secure

Nov 10 23:14:02 titan vsftpd[2166]: connect from 127.0.0.1 (127.0.0.1)
Nov 10 23:15:15 titan vsftpd[2169]: connect from 127.0.0.1 (127.0.0.1)
Nov 10 23:16:05 titan vsftpd[2175]: connect from 127.0.0.1 (127.0.0.1)
Nov 10 23:16:25 titan vsftpd[2177]: connect from 127.0.0.1 (127.0.0.1)
Nov 10 23:17:16 titan vsftpd[2180]: connect from 127.0.0.1 (127.0.0.1)
Nov 10 23:19:05 titan vsftpd[2306]: connect from 127.0.0.1 (127.0.0.1)
Nov 10 23:23:28 titan vsftpd[2328]: connect from 127.0.0.1 (127.0.0.1)
Nov 10 23:38:03 titan vsftpd[2538]: connect from 127.0.0.1 (127.0.0.1)
Nov 10 23:54:28 titan vsftpd[2746]: connect from 127.0.0.1 (127.0.0.1)


p.s. I already added "mata" user in vsftpd.user_list
Attached Files
File Type: txt rc.firewall.txt (22.7 KB, 1 views)
 
Old 11-11-2013, 12:20 PM   #5
Z038
Member
 
Registered: Jan 2006
Distribution: Slackware
Posts: 805

Rep: Reputation: 158Reputation: 158
The nopriv_user should not be mata, if that is the name of the user you want to be able to connect as a local user. nopriv_user should be set to a non-privileged account that your vsftpd server can use when it needs to run non-privileged. Look in /etc/passwd and see if you have a user called ftp, and use that if so. It should already be defined in Slackware. Mine looks like this:

Code:
ftp:x:14:50::/home/ftp:/bin/false

I didn't go through your firewall source in depth, but it looks like it is set to accept incoming FTP connections:

Code:
# FTP Server (Control)
$IPT -A tcp_inbound -p TCP -s 0/0 --destination-port 21 -j ACCEPT

# FTP Client (Data Port for non-PASV transfers)
$IPT -A tcp_inbound -p TCP -s 0/0 --source-port 20 -j ACCEPT

# Passive FTP
$IPT -A tcp_inbound -p TCP -s 0/0 --destination-port 62000:64000 -j ACCEPT
If you are using a router device to connect to your ISP, you need to make sure that ports 20 and 21 are also opened there, and that they forward to the system on your lan that runs the server.

You'll also want to open up a passive port range and specify the same range in your vsftpd.conf, but let's just do one step at a time.

Make sure you have a directory called /usr/share/empty on your system. It should have 755 permissions (no write access by other).

Last edited by Z038; 11-11-2013 at 12:33 PM.
 
Old 11-12-2013, 02:46 PM   #6
markomarko
Member
 
Registered: Nov 2006
Location: Belgrade, Serbia
Distribution: Slackware
Posts: 67

Original Poster
Rep: Reputation: 19
I also have ftp:x:14:50::/home/ftp:/bin/false in /et/passwd so now I changed nopriv_user=mata to nopriv_user=ftp

You are right, I'm using router to connect to my ISP (It's TP-Link Wireless N ADSL2+ Modem Router), but I don't know how to open ports 20 and 21.

I went to 192.168.1.1 and entered admin/admin and there I can setup a lot of things (it looks like this - http://www.eunet.rs/cms/view.php?id=7441), but I can't find anything that would be able to open ports 20 and 21.

Where should I look to find that out?

I have /usr/share/empty - drwxr-xr-x 2 root root 4096 Sep 18 2012 empty/
 
Old 11-12-2013, 03:16 PM   #7
Z038
Member
 
Registered: Jan 2006
Distribution: Slackware
Posts: 805

Rep: Reputation: 158Reputation: 158
Go to portforward.com for instructions on how to forward ports. There are hundreds of routers listed in their router list, and specific instructions for each one. Here is the page for TP-Link routers.

http://portforward.com/english/route...nk/default.htm

You'll need to know the model number of your router. It's probably on a label on the back or bottom of the router.
 
Old 11-13-2013, 03:58 PM   #8
markomarko
Member
 
Registered: Nov 2006
Location: Belgrade, Serbia
Distribution: Slackware
Posts: 67

Original Poster
Rep: Reputation: 19
I tried to open my 20 and 21 ports following this quide http://portforward.com/english/route...D-8616/FTP.htm.
In local ip I entered 192.168.1.10 because it doesn't allows me to leave 0.0.0.0
And it's still no working.
I have tested it, and this site http://www.yougetsignal.com/tools/open-ports/ tells me that my ports 20 and 21 are not opened.
 
Old 11-13-2013, 05:15 PM   #9
Z038
Member
 
Registered: Jan 2006
Distribution: Slackware
Posts: 805

Rep: Reputation: 158Reputation: 158
If 192.168.1.10 is the static IP address of the system on your LAN that hosts your vsftpd server, then what you did sounds right. Make sure you clicked Save after filling in the start and end port range and the IP address. If you did that, you should be able to see it on the Virtual Server Listing page. If it shows up there but the ports are still closed, then you may need to reboot your router.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Active FTP problem with vsftpd snowx Linux - Server 8 10-27-2007 09:18 AM
Very Slow FTP Connection to VSFTPD on Fedora Core 6 silent_j Linux - Server 4 05-26-2007 09:55 AM
ftp connection refused (vsftpd on RedHat 9.0) rajibshovan Linux - Networking 7 01-06-2007 10:21 AM
vsftpd ftp problem kehkok Linux - Networking 1 09-19-2006 10:20 AM
FTP Problem (VSFTPD) williew Linux - Software 0 01-01-2005 11:15 AM


All times are GMT -5. The time now is 06:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration