LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-08-2004, 01:44 PM   #1
apberzerk
Member
 
Registered: Sep 2003
Location: kansas....
Distribution: gentoo
Posts: 51

Rep: Reputation: 15
proftpd, passive mode, and a router....


I know there are other threads concerning proftpd, passive mode, and routers, but none of them seemed to help me. I am still stuck with the following problem when I try to ftp to my proftpd server from outside the network. Note: it works when connecting from another computer inside the LAN.

When trying to transfer files or do a directory listing, I get this:

227 Entering Passive Mode (192,168,1,129,234,107).

And then it just sits there.........

I have ports 20 (i dont think it's needed, but it's there anyways), 21, and 59000 through 63000 forwarded to the computer that is running proftpd, which you can see is consistent with my following proftpd.conf:

------------------------------------------------------------------------------------------------
# Lock users into the ftproot directory
DefaultRoot ~

AllowForeignAddress on
#TCPAccessFiles /etc/ftpd.allow /etc/ftpd.deny

ServerIdent on "Enter username and password. Anonymous logins are disabled.
ServerName bla
ServerType standalone
ServerAdmin Private@whatever.net
DeferWelcome on

#ShowDotFiles off
ShowSymlinks on
MultilineRFC2228 on
DefaultServer on
AllowOverwrite on
MaxClients 10
MaxClientsPerHost 1 "You are already logged on once."
RequireValidShell off

TimeoutNoTransfer 120
TimeoutStalled 10
TimeoutLogin 20
TimeoutIdle 1200

RootLogin off
UseFtpUsers off

Port 21
PassivePorts 59000 63000
MaxInstances 30

ExtendedLog /var/log/ftp.log auth,all

ListOptions "-l"

DenyFilter \*.*/

# Set the user and group that the server normally runs at.
User ftp
Group ftp-users

<Directory ~/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>

<Directory ~/music/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>

<Directory ~/movies/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>


<Directory ~/shows/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>


<Directory> ~/upload>
Umask 022 022
AllowOverwrite on
<Limit MKD XMKD RNRF RNTO DELE RMD XRMD STOR>
AllowAll
</Limit>
</Directory>

<Directory> ~/documents/*>
Umask 022 022
AllowOverwrite on
<Limit MKD XMKD RNRF RNTO DELE RMD XRMD STOR>
AllowAll
</Limit>
</Directory>
 
Old 07-08-2004, 02:04 PM   #2
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
I don't think you're gonna be able to use passive mode, since you're behind a router. The problem is... in passive mode, the client initiates all of the connections. So what happens is... the client is trying to initiate the first connection to your port 21, which is fine, because you've got that forwarded to your box. Then, the client tries to initiate the data connection to some high-numbered port on your machine. Since this is actually trying to connect to your router, I'm sure you don't have all of the high-numbered ports forwarded to your server, and you probably shoudln't anyway. So this is where you're having trouble.

If you're running active FTP (as opposes to passive) the client starts the conversation by connecting to your port 21 and then the server uses port #20 to connect to a high-numbered port on the client for the data connection.

Bottom line... turn off passive mode and try it.

Here's something for your reference that may help explain more about active vs. passive.

http://slacksite.com/other/ftp.html
 
Old 07-11-2004, 08:05 PM   #3
apberzerk
Member
 
Registered: Sep 2003
Location: kansas....
Distribution: gentoo
Posts: 51

Original Poster
Rep: Reputation: 15
Well, I've tried using it with passive mode off, and couldnt get that to work either.

Besides, if you look at my original post, I have set which ports to use for passive mode on the proftpd.conf file and I DO have that range of ports forwarded from the router to server, which is exactly what all the other threads have been suggesting.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ProFTPD hangs on "227 Entering Passive Mode" VirusHater Linux - Newbie 4 06-30-2010 06:26 PM
ProFTPd, Redhat 8.0 and passive mode Slasher Linux - Networking 10 05-09-2008 05:08 PM
ftp passive mode ? lenlutz Linux - Networking 1 11-05-2003 02:11 PM
How to have passive mode off by default in wu-ftpd alisajjad Linux - Networking 0 07-30-2003 07:34 AM
kermit in passive mode? bbeers Linux - Software 1 08-23-2002 08:53 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:45 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration