proftpd "dir" command hangs
Hi,
I'm encountering the following peculiarity and have not yet found any other instances in my web travels, and certainly not any that would aid me in resolving the problem. When ftp'ing to the remote server, login is accepted, cwd is accepted, get is accepted, but 'dir' does nothing. Here's what it does:

    ftp> dir
    200 PORT command successful
    <sits here for 60 seconds or so>
    Connection closed by remote host.
    ftp>

Oddly enough, when I ftp to localhost -on- the remote server, everything works perfectly. Here's what happens:

    ftp> dir
    227 Entering Passive Mode (127,0,0,1,58,247).
    150 Opening ASCII mode data connection for file list
    <list of files>
    226-Transfer complete.
    226 Quotas off
    ftp>

Since passive mode never works when attempting to login, I'm reasonably certain that the problem with the directory listing is that proftpd (or the clients?) switches to a passive connection for the directory listing. Something is preventing passive mode from working.

My proftpd.conf is as follows:

    # This is a basic ProFTPD configuration file (rename it to
    # 'proftpd.conf' for actual use. It establishes a single server
    # and a single anonymous login. It assumes that you have a user/group
    # "nobody" and "ftp" for normal operation and anon.
    ServerName "ProFTPD"
    ServerType inetd
    ServerType inetd
    DefaultServer on
    <Global>
    DefaultRoot ~ psacln
    AllowOverwrite on
    </Global>
    DefaultTransferMode binary
    UseFtpUsers on
    # Port 21 is the standard FTP port.
    Port 21
    PassivePorts 15000 20000
    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask 022
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30. If you need to allow more than 30 concurrent connections
    # at once, simply increase this value. Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances 30
    #Following part of this config file were generate by PSA automatically
    #Any changes in this part will be overwritten by next manipulation
    #with Anonymous FTP feature in PSA control panel.
    #Include directive should point to place where FTP Virtual Hosts configurations
    #preserved
    ScoreboardFile /var/run/proftpd/scoreboard
    # Primary log file mest be outside of system logrotate province
    TransferLog /usr/local/psa/var/log/xferlog
    #Change default group for new files and directories in vhosts dir to psacln
    <Directory /var/www/vhosts>
    GroupOwner psacln
    </Directory>
    # Enable PAM authentication
    AuthPAM on
    AuthPAMConfig proftpd
    IdentLookups off
    UseReverseDNS off
    AuthGroupFile /etc/group
    Include /etc/proftpd.include

Any assistance at all will be greatly appreciated!
Does your firewall log show any packets getting filtered when this happens?
Oddly enough, I have this exact problem - and have it with both vsftpd and proftpd, so the chances of it being a networking problem are getting greater and greater. Unfortunately I have a router with the world's worst configuration utility, so I can't trace blocked packets or anything of that nature.
If I come up with something, I'll post it back here. 'Til then, it all works as long as I'm using a client where I can explicitly turn off passive mode, i.e. any linux commandline client. WinXP's commandline client doesn't recognize any of 'pasv', 'PASV' or 'passive', so it's altogether useless except for further testing.
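
Added example, not part of any post in this thread: a Python sketch that decodes the h1,h2,h3,h4,p1,p2 tuple of a 227 reply (or a PORT command) into the address and TCP port the data connection will use, then checks the port against the PassivePorts 15000 20000 range from the posted config and the advertised address against the control-connection address. The function names and the 192.168.1.10 / 203.0.113.5 sample values are constructed for illustration.

```python
import ipaddress
import re

# h1,h2,h3,h4,p1,p2 as carried in a 227 reply or a PORT command (RFC 959).
HOSTPORT_RE = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_hostport(line):
    """Return (IPv4Address, port) for the data connection named in `line`."""
    m = HOSTPORT_RE.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in %r" % line)
    nums = [int(n) for n in m.groups()]
    if max(nums) > 255:
        raise ValueError("field above 255 in %r" % line)
    ip = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    return ip, nums[4] * 256 + nums[5]  # port = p1 * 256 + p2


def check_pasv(reply, control_ip, passive_ports):
    """Return reasons the client's data connection for this 227 reply may fail.

    control_ip: address the client dialled for the control connection.
    passive_ports: (low, high) as set by the server's PassivePorts directive.
    """
    ip, port = parse_hostport(reply)
    low, high = passive_ports
    findings = []
    if not low <= port <= high:
        findings.append("port %d is outside PassivePorts %d-%d" % (port, low, high))
    if ip != ipaddress.IPv4Address(control_ip):
        findings.append("server advertises %s, client connected to %s" % (ip, control_ip))
    return findings


if __name__ == "__main__":
    ports = (15000, 20000)  # PassivePorts line from the posted proftpd.conf
    # Reply quoted in the thread (client run on the server itself).
    print(check_pasv("227 Entering Passive Mode (127,0,0,1,58,247).", "127.0.0.1", ports))
    # Constructed reply: server behind NAT advertising its internal address.
    print(check_pasv("227 Entering Passive Mode (192,168,1,10,58,247).", "203.0.113.5", ports))
```

A port inside the range still has to be permitted inbound by any firewall or router in front of the server before the listing can arrive.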