proftpd on Debian Lenny w. Netgear wgr614, cannot connect in passive mode
Hi all,
I'm revamping a small ftp-server of mine. The only ftp-server that I have any real experience with is glftpd. I was fairly satisfied with it but I wanted to run my server on a fresh Debian install (it ran on an old Ubuntu Dapper) and I prefer to use software from the standard repos' so I opted for a change. My first try was pure-ftpd but that gave me a hard time so I tried out proftpd instead. So, now I got a clean install of Debian Lenny with proftpd from Debian's standard repos' hooked up to the net with a Netgear wgr614 router. It's up and running just fine, I can log in from the account that I created but I cannot connect using a passive connection. I've specified the ports for passive connections in the /etc/proftpd/proftpd.conf file and I've opened those ports on my router. I don't have a firewall up and running (yet). When I try to connect it hangs on the LIST command, giving this output: Code:
Status: Connecting to MY.EXTERNAL.IP:PORT... Code:
PassivePorts 49200 49399 Thanks CZ |
That looks a lot like your router is still blocking the ports, you may want to fire echo up on one of the ports and attempt to connect to it... or maybe reboot the router.
|
Quote:
As for fire echo up one of the ports I'm gonna do a full disclosure and admit that I don't have a clue about what that mean. (I tried to google it up to hide my ignorance but that didn't work so I might as well come clean about it. ;) ) /CZ |
Quote:
Code:
echo | nc -l -p portnumber & Code:
core$ echo | nc -l -p 9999 & |
Thanks, I really appreciate your help rweaver!
I was actually trying nmap (among other things) out when I saw your reply but the echo with telnet was really neat. :cool: I can telnet from my desktop into the server and whatever I write on the desktop is echoed on the server, on the ports that are set to be used for passive transfer. However, it is not echoed back to the desktop. Neither have a firewall running and both are inside the network. Could it still be a problem with the router? I don't have access to a computer outside the network (at least until friday or so) but before I read your reply I had tried three things. First I used nmap and probed the passive ports on the router. The result was that all specified ports were filtered. The second thing I did was to pop by www.grc.com and try their shields up! The result was that the ports were closed. Still, it failed the test saying: "Unknown Protocol for this port. Unknown Application for this port". Third thing I did was to try nmap on my external IP but it just said that no scan information was available. As an added bonus I tried Shields up! one more time, after I had opened three ports with your nifty echo command and fired up Filezilla, pointing it to the external IP with passive connection. Shields up! now say I have four of the passive ports open, three of which I opened with the echo command plus one more. I killed the (three) echo jobs and tried once more. All ports closed. Fired up filezilla again and tried yet once more. All ports closed. So, I can't reproduce the forth open port, which is a bit unnerving. Is this information of any use for you? Because I'm still lost. Thanks! /CZ |
Ok, I sorted it out. Turned out the problem wasn't with the router at all.
In the proftpd.conf I added this: Code:
DefaultAddress MY.INTERNAL.IP.ADRRESS Still, thanks for the help rweaver, you taught me a few new tricks. regards CZ |
All times are GMT -5. The time now is 12:50 AM. |