LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-28-2004, 04:43 PM   #1
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 459

Rep: Reputation: 30
Proftp with non standard port


the proftpd.conf has a entry where I can easily change the port. But what about the ftp-data port? For example, if I want to setup port 4000 as the sourceport does that mean 3999 will automatically be the data port or will it stay 20?
 
Old 04-06-2006, 06:50 PM   #2
leosgb
Member
 
Registered: Nov 2004
Location: Brazil
Distribution: Gentoo
Posts: 363

Rep: Reputation: 31
I am having the same problem here. I setup my server to port 34012 and open it in my iptables:

iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 34012 -j ACCEPT

I followed these instructions:
http://gentoo-wiki.com/HOWTO_setup_a...server#ProFTPd

I just want to have a FTP server running for a couple minutes so a friend can upload some pics to me and then i will turn it off because i dont use it and i've heard it is unreliable.

I try:
ftp
ftp> open 192.168.1.231 34012
ftp: connect: Connection refused

I want to connect as user ftp or anonymous. As ryedunn said do we need to open port 20? Or, in my case, port 34011? I am running my server in standalone mode.

Does anyone know how to help?

***************************************************************************
EDIT1: I just found out that i can connect as a regular user (one already registered in the system) if i "open 127.0.0.1 34012". My proftpd.conf is:

ServerName "FTP server"
ServerType standalone
DefaultServer on
RequireValidShell off

# Port 21 is the standard FTP port.
Port 34012

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30

# Set the user and group under which the server will run.
User ftp
Group ftp

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
DenyAll
</Limit>

# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
User ftp
Group ftp
AnonRequirePassword on

# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# Limit the maximum number of anonymous logins
MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
<Directory incoming>
<limit READ WRITE DIRS STOR CWD CDUP>
AllowAll
</limit>
</Directory>
</Anonymous>

The problem as user "ftp":

ftp> open 127.0.0.1 34012
Connected to 127.0.0.1 (127.0.0.1).
220 ProFTPD 1.2.10 Server (FTP server) [127.0.0.1]
Name (127.0.0.1:johndoe): ftp
500 AUTH not understood
SSL not available
331 Password required for ftp.
Password:
530-Unable to set anonymous privileges.
530 Login incorrect.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.

***********************************************
EDIT2:ALMOST SOLVED
I just found out that /home/ftp was set to 644. I changed it to 744 and it works now. The last problem to solve is to figure how to get my server to be reacheable thru its ip address not just 127.0.0.1

Last edited by leosgb; 04-06-2006 at 08:51 PM.
 
Old 04-07-2006, 07:30 AM   #3
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 459

Original Poster
Rep: Reputation: 30
well

silly question but are you sure the process is running? what do you see when you run a netstat?
 
Old 04-07-2006, 12:17 PM   #4
leosgb
Member
 
Registered: Nov 2004
Location: Brazil
Distribution: Gentoo
Posts: 363

Rep: Reputation: 31
Right now I have a connection from my server to my server using
ftp 127.0.0.1 34012

My netstat displays:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:34012 localhost:43799 ESTABLISHED
tcp 0 0 localhost:34011 localhost:37752 TIME_WAIT
tcp 0 48 aloha.homesystem.:34010 192.168.1.125:1781 ESTABLISHED
tcp 0 0 localhost:43799 localhost:34012 ESTABLISHED
tcp 0 0 localhost:43798 localhost:34012 TIME_WAIT
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] DGRAM 6657 @/org/kernel/udev/udevd
unix 9 [ ] DGRAM 14282 /dev/log
unix 2 [ ] DGRAM 1933909
unix 2 [ ] DGRAM 1933908
unix 2 [ ] DGRAM 1933901
unix 3 [ ] STREAM CONNECTED 1933848
unix 3 [ ] STREAM CONNECTED 1933847
unix 2 [ ] DGRAM 16720
unix 2 [ ] DGRAM 16281
unix 2 [ ] DGRAM 16192
unix 2 [ ] DGRAM 16049
unix 3 [ ] STREAM CONNECTED 14285
unix 3 [ ] STREAM CONNECTED 14284
 
Old 04-07-2006, 12:59 PM   #5
leosgb
Member
 
Registered: Nov 2004
Location: Brazil
Distribution: Gentoo
Posts: 363

Rep: Reputation: 31
My firewall is blocking the connections. I stopped it and I was able to connect to the FTP server correctly.

My rule to allow ftp access in iptables is:

-A INPUT -p tcp -m tcp --dport 34012 -j ACCEPT

I know this is not enough but I dont know what else I need to add. Can anyone help me?
 
Old 04-08-2006, 10:36 PM   #6
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 459

Original Poster
Rep: Reputation: 30
firewall

its nice to know what is happening and how to add firewall rules but if you plan on writing everything yourself, you need to do more research to find out what all is involved. Some have been prewritten with hundreds of rules for your protection. You should look at what your needs are and which are best for you.

If you insist on writing your own rules there are other forums which would be best for you.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd on non-standard port baronsam Linux - Networking 3 08-21-2006 03:40 PM
Using an USB port as a standard DB9 Serial Port Lsteele Linux - Newbie 1 10-22-2005 09:48 AM
VNC on non-standard port king_scott_2 Linux - Software 2 07-19-2005 07:25 AM
how do i know if port 21 is open? (proFTP question) sirpelidor Linux - Newbie 2 02-12-2004 06:04 AM
ProFTPD+PASV+non standard port Code_Zero Linux - Software 3 08-05-2002 03:39 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:06 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration