ProFTPd - can connect locally but...Could it be that Verizon DSL does not allow port
I think everything is AOK! Could it be that Verizon DSL does not allow port forwarding??? I know this sounds strange but....
OK I have made some progress but still don't have 100% success. Here's what I have so far: I have a dynamically assigned IP address from Verizon DSL. I have proftpd up and running and I can ftp localhost. I can also ftp 192.168.0.x from a PC on my local network. However if I were outside my local network and wanted to connect to the IP address assigned from Verizon...I would not be able to do it. My setup: Netgear Router/Nat portforwarding FTP port 21 to 192.168.0.x firewall opened ports 20 and 21 /etc/hosts.allow has ftpd: 19.2 192.168.0.x 151.xx.xx.xxx (I tried this hoping that it would allow incoming ftp connection from a specific address) and my /etc/proftpd.conf file is the basic one: ServerName "ProFTPD Default Installation" ServerType standalone DefaultServer on # Port 21 is the standard FTP port. Port 21 # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd). MaxInstances 30 # Set the user and group under which the server will run. User nobody Group nogroup # To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. #DefaultRoot ~ # Normally, we want files to be overwriteable. <Directory /> AllowOverwrite on </Directory> # A basic anonymous configuration, no upload directories. If you do not # want anonymous users, simply delete this entire <Anonymous> section. <Anonymous ~ftp> User ftp Group ftp RequireValidShell no # We want clients to be able to login with "anonymous" as well as "ftp" UserAlias anonymous ftp # Limit the maximum number of anonymous logins MaxClients 10 # We want 'welcome.msg' displayed at login, and '.message' displayed # in each newly chdired directory. DisplayLogin welcome.msg DisplayFirstChdir .message # Limit WRITE everywhere in the anonymous chroot <Limit WRITE> DenyAll </Limit> </Anonymous> |
Have you tried a portscan
Hi there,
Have you tried doing a portscan from outside your internal network ? If you have nmap installed on the remote host you are trying to connnect from you can simply type: nmap -sT your.public.ip.address This should portscan your ip address and see what ports you can connect to on your ftp server. If you can't see port 21 then there might be a problem with your firewall setup. Hope this was a help to you! Martin |
Verizon Online does not allow one to run a server... Details are at the verizon website, I tried the same my self...:(
|
I'm curious, how does verison stop you?
|
They black hole port 80 incoming connections. There may be a way to get around this by using a different port (ie. 8080).
|
Verizon does not stop your FTP connection. I was wrong! The problem I had was that the Netgear MR814 router that I use does not allow more than 1 connection on the forwarded port. Since I was trying to connect from inside my network...it was preventing me. However when I went outside my local network (someone elses house - it worked). If this does not make sense let me know or go to http://kbserver.netgear.com/kb_web_f...sp#RP614Anchor
So, to summarize what I did: for anonymous connection no uploading! use proftpd-1.2.8-1386-2 modify files /etc/ftpusers (get rid of ftp) /etc/proftpd.conf (use the basic conf) remember to port forward on router ports 20 & 21 remember to open ports 20 & 21 on firewall USE gFTP for an ftp client IF LOCAL on client side: log into 192.168.x.x and do not allow passive IF WWW (make sure you are outside of your local network) on client side: log into ipaddressverizongives.x.x.x and do not allow passive/try passive |
All times are GMT -5. The time now is 07:24 AM. |