I am serving an FTP site from my Ubuntu 5.1 computer and am having trouble logging on from outside my network. Actually, logging on is no problem, but listing the files and downloading is the problem (although I can still change directories). Between computers inside the network, it works perfectly.
Here's a typical scenario using FileZilla under Windows XP from outside the network:
USER blah
PASS blah
230 Login successful
PWD
257 "/home/blah"
PASV
227 Entering Passive Mode (192,168,2,2,42,46)
LIST
Transfer channel can't be opened. Reason: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Could not retrieve directory listing
Another scenario using 'ftp' under Linux from outside the network:
[becker@esus ~]$ ftp adambecker.homelinux.com 2102
Connected to adambecker.homelinux.com.
220 You have successfully entered Adam's FTP site.
530 Please login with USER and PASS.
Name (adambecker.homelinux.com:becker):
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (192,168,2,2,237,138)
ftp: connect: Network is unreachable
ftp> cd mydocs ### <-- I can 'cd' fine
250 Directory successfully changed.
ftp> ls ### <-- But 'ls' fails
227 Entering Passive Mode (192,168,2,2,74,122)
ftp: connect: Network is unreachable
ftp> get test.txt
local: test.txt remote: test.txt
227 Entering Passive Mode (192,168,2,2,235,86)
ftp: connect: Network is unreachable
ftp>
I am using iptables which blocks all unused ports. Should I be opening one up besides port 2102 (my FTP port)? Is this a network problem or a vsftpd problem? Thanks for any suggestions!
--Beebop
###### Here's my /etc/vsftpd.conf ######
listen_port=2102
ftpd_banner=You have successfully entered Adam's FTP site. Upload some pictures. Show me what you look like
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
#make sure the 'auth required pam_shells.so' line is commented out in /etc/pam.d/vsftpd
pam_service_name=vsftpd
#default userlist_enable is NO, but I don't want to let anyone in EXCEPT those in the list
userlist_enable=YES
#Used when userlist is enabled.
#When userlist_deny is NO, all users are denied except those in userlist_file
userlist_deny=NO
userlist_file=/etc/vsftpd.user_list
#enable for standalone mode
listen=YES
tcp_wrappers=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
#idle_session_timeout=600
#data_connection_timeout=120
chroot_local_user=YES
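
Added example, not part of the original post: a small Python decoder for the 227 replies in the two sessions above. It extracts the advertised data-channel address and port (port = p1*256 + p2) and flags an address that a client outside the network cannot route to; the function names are illustrative.

```python
import ipaddress
import re

# 227 replies copied from the two sessions in the post above.
REPLIES = [
    "227 Entering Passive Mode (192,168,2,2,42,46)",
    "227 Entering Passive Mode (192,168,2,2,237,138)",
    "227 Entering Passive Mode (192,168,2,2,74,122)",
    "227 Entering Passive Mode (192,168,2,2,235,86)",
]

# Six comma-separated decimal fields: h1,h2,h3,h4,p1,p2
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}(?:,\d{1,3}){5})\)")


def parse_pasv(reply):
    """Return (IPv4Address, port) from a 227 reply, or raise ValueError."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError(f"not a 227 PASV reply: {reply!r}")
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        raise ValueError(f"field out of range in: {reply!r}")
    ip = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    port = nums[4] * 256 + nums[5]  # high byte first
    return ip, port


def diagnose(reply):
    """Summarise where the server told the client to open the data channel."""
    ip, port = parse_pasv(reply)
    return {
        "ip": str(ip),
        "port": port,
        # Private/reserved addresses are not reachable across the Internet.
        "unroutable_from_internet": ip.is_private,
    }


def port_span(replies):
    """Lowest and highest data port advertised across a set of replies."""
    ports = [parse_pasv(r)[1] for r in replies]
    return min(ports), max(ports)


if __name__ == "__main__":
    for r in REPLIES:
        print(diagnose(r))
    print("data ports seen:", port_span(REPLIES))
```

Every reply in the post decodes to 192.168.2.2, a private (RFC 1918) address, with data ports spread between 10798 and 60810. vsftpd's pasv_address, pasv_min_port and pasv_max_port options control the advertised address and bound that port range, so a firewall rule for passive data connections can be limited to it.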