Proftpd --- can't FXP please help

funnyusa · 06-21-2003, 03:28 AM

ok here is my proftpd.conf:
--------------------------
[root@ensim home]# cat /etc/proftpd.conf
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName "Funnyusa.net - Funnyusa.org ProFTPD"
ServerType Standalone
DefaultServer on
DefaultRoot ~

# Define this if you want to prevent your server from displaying what FTP
# server and version you are using.
ServerIdent on "Funnyusa.net-Funnyusa.org ProFTPD FTP Server ready."

#Time out parameters
TimeoutIdle 100
TimeoutNoTransfer 150
TimeoutLogin 50

# Port 21 is the standard FTP port.
Port 21

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 12

# Set the user and group that the server normally runs at.

User funnyusa
Group private

SystemLog /var/log/proftpd.system.log
TransferLog /var/log/proftpd.transfer.log

# Allow resume on both upload and download
AllowStoreRestart on
AllowRetrieveRestart on
DeleteAbortedStores on
HiddenStor off

MaxClientsPerHost 2 "Sorry, only %m per host"
MaxClients 12 "Sorry but we only allow %m ftp connection"

<Limit READ DIRS>
IgnoreHidden off
#IgnoreHidden on
</Limit>

# To disable use of system-wide password file
PersistentPasswd off

<Global>
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# Setting this to 'on' makes PAM the final authority on what gets
# authenticated. Turning this off will tell PAM to allow other
# authentication modules compiled into ProFTPD a chance at the user.
AuthPAMAuthoritative On

# This is the PAM configuration file that will be referenced when
# authenticating. It can be set globally and/or per VirtualHost.
# The default is 'ftp'. Note: all PAM configuration files must be in
# /etc/pam.d
AuthPAMConfig ftp

# Don't let people pass % characters to the server and to protect against DoS attacks (Bugzilla ID 1066)
# DenyFilter (\*.*/)|%

# Allow FXP

AllowForeignAddress on

<Limit SITE_CHMOD>
AllowAll
</Limit>

RequireValidShell on
</Global>

<Limit LOGIN>
Order deny,Allow
Deny from 67.107.2.135, 4.61.187.200
Allow from all
</Limit>

# Normally, we want files to be overwriteable.

<Directory /home/ftp>

AllowOverwrite on
HideNoAccess on
HideUser root
HideGroup root
</Directory>

<Anonymous /home/upload>

User funnyusa
Group private
AnonRequirePassword on #(or off)
RequireValidShell off #(or off)

# Deny login for users with shellaccess
<Limit WRITE>
DenyAll
</Limit>

<Limit LOGIN>

AllowAll

</Limit>

<Directory /home/upload>
<Limit STOR CWD APPE READ RMD DELE MKD>
AllowAll
</Limit>
</Directory>
</Anonymous>

===============================

the annonymous account would not work, when I connect it said incorrect user/password..

And the main ftp for non-annoy, I can access, i can upload but can't FXP? anyone know why? is it because IPtables and IPchain? btw, do i have to run iptables and ipchain at the same time or just one at the time? because I see they are both running now
thanks

jharris · 06-21-2003, 04:05 AM

I don't quite follow your question. Are you trying to get any FTP working or is it just the anonymous FTP that isn't working and needs to, if that the case then what's listed in /etc/ftpusers ?

cheers

Jamie...

funnyusa · 06-21-2003, 09:46 AM

my question is why my ftp are not able to using FXP. I am able to use admin account to upload from my computer to the ftp but not able to use function FXP to transfer file from other FTP to my FTP
---------------
here is what in my /etc/ftpusers
----------

[root@ensim root]# cat /etc/ftpusers
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
gopher
nobody
mailnull
rpm
xfs
rpc
rpcuser
nscd
ident
radvd
vcsa
named
majordomo

jharris · 06-24-2003, 03:02 AM

Ah right, now I follow, but I can' t really help

I've never used FXP myself and am not sure what might be causing the problem. I've always just used SSH to connect to the remote machine and used straight (s)ftp from there.

cheers

Jamie...

funnyusa · 06-24-2003, 12:12 PM

someone know why? please help

guc · 07-28-2003, 11:25 AM

funnyusa did you find the reason ?

funnyusa · 07-29-2003, 01:26 AM

yeah I got a reason why now, my computer has zonealarm firewall, I try on a comp with no firewall , working just fine, a friend told me that fxp can't pass 2 firewall , so ..

t0c · 08-21-2003, 09:28 PM

Are u behind a NAT or a firewall?? cause if you are u might want to check with those. And if you are enable MasqueradeAddress <publicIP>. As well as set the passive ports using PassivePorts <startingport> <endingport> and foward that range of ports to your computer. Might be useful if you paste the log from the client ftp. Now I never had problems using ZA Pro on the client ftp (meaning I ftpd from servers to another with ZA enabled) so that was never a prob 2 me.