cannot connect vsftpd from computer client
 

dear all,

My name is djunaedi i'm from indonesia, i'll try to build public ftp use
vsftpd. i followed manual installation from vsftpdrocks.org. Its work but
only in my localhost (server) when i try to connected from computer client
use dos command :

ftp> o 202.152.19.189
connected to 202.152.19.189
connection closed by remote host.

what should i do ? where is the mistakes ?.For u'r information i used Fedora Core 5.

Are you able to ftp from your own machine(running vsftpd service) itself?

It seems that you are blocked by TCP WRAPPERS, as it does not ask you to even enter the username and password. Check /etc/hosts.deny file.(assuming your vsftpd service is running well and not having any firewall issue.)

or

You can test by temporarily shutting down the firewall and then login, to dignose if the problem is with firewall or not.


Regards,

Suhas,

yes, i can ftp from my machine and i didn't give any comment in /etc/hosts.deny, i hv been accept port 21 in iptables. when i install FC 5 i was enabled firewall to ftp.

In that case, it seems your firewall is misconfigured... you have to configure firewall to accept incoming/outgoing traffic to both channels (command and data). For that you need to consider which mode your ftp server is running in... that is "active" or "passive". By default vsftpd works in passive mode.

Allow incoming connection from client on port 21,

and

for passive mode --- > you need to also allow any incoming connection from client having arbitrary source port > 1024 and destination port > 1024.


for active mode ----> allow any outgoing traffic from the server having source port 20.


Hope this works....

I also have read that using packet states like RELATED, ESTABLISHED we can sort this issue but have not been successful so far....



See u..........

Fedora Core 5 is getting a bit dated. Since you are offering a service on the internet, it is very important to keep the server up to date with security updates, so using a version where security updates are supported is very important.

Check the server's logs. A rejected connection will probably be logged by whatever denied the access. If your firewall drops packets rather than rejecting them, that may be further evidence that the solution is somewhere else.

thank for u'r advice to using a new version. Back to my problem how to check the server log, sorry if my question so ridiculous. i'm still newbie in linux programing.