Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have an FTP on my box and it's ok to connect to it. But when I try to list the content in any dir I get this:
Code:
Connected to xxx.xxx.xxx.xxx.
Name (xxx.xxx.xxx.xxx:root): xxxx
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
...and then nothing more happens. I don't get back to any prompt it just seems to "hang" or something. I tried to connect with gFTP and enabled "passive transfer" to check if that had anything to do with PASV.
Code:
Looking up localhost
Trying localhost:738
Connected to localhost:738
USER xxxx
331 Please specify the password.
PASS xxxx
230 Login successful.
SYST
215 UNIX Type: L8
TYPE I
200 Switching to Binary mode.
PWD
257 "/home/ftp/accounts/normal"
Loading directory listing /home/ftp/accounts/normal from server (LC_TIME=en_US)
PASV
227 Entering Passive Mode (127,0,0,1,157,175)
Connected to localhost.
Name (localhost:mezzymeat): biztroo
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
425 Failed to establish connection.
After that I try with gFTP:
Code:
Looking up localhost
Trying localhost:738
Connected to localhost:738
USER biztroo
331 Please specify the password.
PASS xxxx
230 Login successful.
SYST
215 UNIX Type: L8
TYPE I
200 Switching to Binary mode.
PWD
257 "/home/ftp/accounts/normal"
Loading directory listing /home/ftp/accounts/normal from server (LC_TIME=en_US)
PASV
227 Entering Passive Mode (127,0,0,1,63,243)
Loading directory listing /home/ftp/accounts/normal from server (LC_TIME=en_US)
PASV
227 Entering Passive Mode (127,0,0,1,240,49)
So that does not work either. Now here are the logs from vsftpd:
Code:
Sat Dec 11 17:01:18 2004 [pid 25101] CONNECT: Client "127.0.0.1"
Sat Dec 11 17:01:20 2004 [pid 25101] FTP command: Client "127.0.0.1", "USER biztroo"
Sat Dec 11 17:01:20 2004 [pid 25101] [biztroo] FTP response: Client "127.0.0.1", "331 Please specify the password."
Sat Dec 11 17:01:21 2004 [pid 25101] [biztroo] FTP command: Client "127.0.0.1", "PASS <password>"
Sat Dec 11 17:01:21 2004 [pid 25100] [biztroo] OK LOGIN: Client "127.0.0.1"
Sat Dec 11 17:01:21 2004 [pid 25102] [biztroo] FTP response: Client "127.0.0.1", "230 Login successful."
Sat Dec 11 17:01:21 2004 [pid 25102] [biztroo] FTP command: Client "127.0.0.1", "SYST"
Sat Dec 11 17:01:21 2004 [pid 25102] [biztroo] FTP response: Client "127.0.0.1", "215 UNIX Type: L8"
Sat Dec 11 17:01:23 2004 [pid 25102] [biztroo] FTP command: Client "127.0.0.1", "PORT 127,0,0,1,229,209"
Sat Dec 11 17:01:23 2004 [pid 25102] [biztroo] FTP response: Client "127.0.0.1", "200 PORT command successful. Consider using PASV."
Sat Dec 11 17:01:23 2004 [pid 25102] [biztroo] FTP command: Client "127.0.0.1", "LIST"
Sat Dec 11 17:01:56 2004 [pid 25096] [biztroo] FTP response: Client "127.0.0.1", "425 Failed to establish connection."
Sat Dec 11 17:02:23 2004 [pid 25102] [biztroo] FTP response: Client "127.0.0.1", "425 Failed to establish connection."
Sat Dec 11 17:02:52 2004 [pid 25112] CONNECT: Client "127.0.0.1"
Sat Dec 11 17:02:52 2004 [pid 25112] FTP command: Client "127.0.0.1", "USER biztroo"
Sat Dec 11 17:02:52 2004 [pid 25112] [biztroo] FTP response: Client "127.0.0.1", "331 Please specify the password."
Sat Dec 11 17:02:52 2004 [pid 25112] [biztroo] FTP command: Client "127.0.0.1", "PASS <password>"
Sat Dec 11 17:02:52 2004 [pid 25111] [biztroo] OK LOGIN: Client "127.0.0.1"
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP response: Client "127.0.0.1", "230 Login successful."
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP command: Client "127.0.0.1", "SYST"
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP response: Client "127.0.0.1", "215 UNIX Type: L8"
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP command: Client "127.0.0.1", "TYPE I"
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP response: Client "127.0.0.1", "200 Switching to Binary mode."
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP command: Client "127.0.0.1", "PWD"
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP response: Client "127.0.0.1", "257 "/home/ftp/accounts/normal""
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP command: Client "127.0.0.1", "PASV"
Sat Dec 11 17:02:52 2004 [pid 25113] [biztroo] FTP response: Client "127.0.0.1", "227 Entering Passive Mode (127,0,0,1,63,243)"
Sat Dec 11 17:04:52 2004 [pid 25113] [biztroo] FTP command: Client "127.0.0.1", "PASV"
Sat Dec 11 17:04:52 2004 [pid 25113] [biztroo] FTP response: Client "127.0.0.1", "227 Entering Passive Mode (127,0,0,1,240,49)"
Originally posted by Emerson I would check if both ftp ports are open on your server. Sorry, no more thoughts.
Yeah, that may be it. I have a firewall but I only thought that the port 21 (ok, I have changed that one to 738) should be open. What do you mean with "both ports"? What are the other port?
EDIT:
Thanks a lot! Now I know it's some port that should be open. I opened all ports and it worked. I then tried to open just 738 (the one it connects to) and 21. Not working. Then tried 20 (ftp-data). Not working.
Now I am out of ideas. Which is "the other port"? :P
Originally posted by Emerson Try opening both low ports, 20 and 21.
That didn't do it. I have the server running on 738 and that port is opened. I then tried to open port 1-1024 but it did not fix it. After a few tries I noticed that when I opened the ports 55000-60000 it worked. I have narrowed it anymore since I believe that the case is that the "random output" port is closed.
Can this be right?
Here is a copy of the iptables-firewall just in case:
Code:
#!/bin/sh
# flush
iptables -F
iptables -Z
# drop all input
iptables -P INPUT DROP
# ssh
iptables -A INPUT -p tcp --dport 739 -j ACCEPT
# ftp
iptables -A INPUT -p tcp --dport 738 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --dport 20 -j ACCEPT
# dc
iptables -A INPUT -p tcp --dport 9176 -j ACCEPT
iptables -A INPUT -p udp --dport 9176 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 9176 -j ACCEPT
iptables -A OUTPUT -p udp --dport 9176 -j ACCEPT
# msn transfer
iptables -A INPUT -s 0/0 -p tcp --dport 6891:6900 -j ACCEPT
# established
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
Note that I opened 20 and 21 temporary just to try what you said. It did not work and the ftp is not running on port 21.
It seems that I have to open a port when I am being the client on the ftp-side. I can connect to an ftp but I can't do a PORT-command. When I open all ports I can do it. So this has to do with the client, not the server.
What should I do in the above firewall to make myself able to connect to ftps?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.