Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
12-05-2004, 10:18 AM
|
#1
|
LQ Newbie
Registered: Aug 2003
Location: Stillwater, OK
Distribution: Red Hat Fedora Core 3
Posts: 5
Rep:
|
vsftpd not allowing external access
I am running RH Fedora Core 3. I installed FTP from the install CDs. I have port 21 forwarding on my router and the linux firewall has ftp open. The vsftpd.conf file shows anonymous_enable=YES and local_enable=YES.
Here's the weird part...
From a command prompt, I can type "ftp localhost" and connect using my username and pwd.
From my windows machine, I can connect using ws_ftp and the internal 192.168... NAT address using my username and pwd.
When I try to connect using my server address (i.e. myserver.myhost.org), I can't connect. Most of the time, ws_ftp spins its wheels and will give me the connect sound (train whistle) after about three minutes but it obviously isn't connected since it doesn't show any files or folders. I was noodling with the conf file and set anonymous_enable=NO and ws_ftp gave me an "unable to connect" error rather quickly. I have also tried setting connect_from_port_20=NO (it's currently set to YES) and restarting the service but that didn't help.
I have reset the config file to its defaults. I'm relatively new to linux and don't want to break anything.
What am I missing? vsftpd is obviously running but it will only listen to internal requests.
Thanks,
Joe Fusco
|
|
|
12-05-2004, 10:27 AM
|
#2
|
LQ Guru
Registered: Jan 2001
Posts: 24,149
|
vsftpd doesn't know the difference from internal or external requests from your setup. If you're sure port 21 is forwarding to your server from your router, you now need to make sure your ISP doesn't block port 21, etc. What kind of router is this?
|
|
|
12-05-2004, 02:19 PM
|
#3
|
Senior Member
Registered: Sep 2003
Location: Sweden
Distribution: Debian
Posts: 3,032
Rep:
|
On several distributions, the default for xinetd is to have "only_from = localhost" set in xinetd.conf. If you have vsftpd launched from xinetd - as opposed to running as a daemon - you should have a look at this file and the vsftpd xinetd.d entry to make sure they allow external access.
Håkan
|
|
|
12-05-2004, 08:29 PM
|
#4
|
LQ Newbie
Registered: Aug 2003
Location: Stillwater, OK
Distribution: Red Hat Fedora Core 3
Posts: 5
Original Poster
Rep:
|
It's a linksys befsr41 cable/dsl router. I can check on port blocking, that makes sense. I'll look and see how to specify listening on another port and maybe try that, too (unless you can give me a hint).
I didn't find a vsftpd entry in xinetd.d. Is there anything wrong with running it as a daemon?
Thanks
|
|
|
12-05-2004, 08:38 PM
|
#5
|
LQ Guru
Registered: Jan 2001
Posts: 24,149
|
Quote:
Originally posted by bubby
I didn't find a vsftpd entry in xinetd.d. Is there anything wrong with running it as a daemon?
|
There is absolutely nothing wrong running it in standalone mode.
But yes, try to set it up so it possibly listens on port say.. 2121, if that works after forwarding that port to your server, it could very well be that your ISP blocks port 21 to prevent people from running FTP servers, etc.
|
|
|
12-05-2004, 10:35 PM
|
#6
|
Senior Member
Registered: Mar 2004
Location: far enough
Distribution: OS X 10.6.7
Posts: 1,690
Rep:
|
might be funny but
- do you have a firewall?
- is the firewall accepting incoming connections on ftp port number?
- like trickykid said could be your isp too you can try different ports. If you don't run a web server try to run ftp server on port 80.
Last edited by mrcheeks; 12-05-2004 at 10:37 PM.
|
|
|
12-06-2004, 09:29 AM
|
#7
|
LQ Newbie
Registered: Aug 2003
Location: Stillwater, OK
Distribution: Red Hat Fedora Core 3
Posts: 5
Original Poster
Rep:
|
No firewall. The Fedora firewall is set to allow FTP.
I went to Shields Up!! ( https://grc.com/x/ne.dll?bh0bkyd2) and probed port 21. At first, it came back as open. I read some information about port 20 & 21 related ot FTP and decided to probe ports 20-22. 20 came back open but 21 came back as "stealth." According to the description, "Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). "
Does this mean it's being blocked? Or does it mean my system is not configured properly?
Incidentally, SSH and port 22 work fine.
I also tried running it on port 2121 but that even failed with the internal NAT address.
|
|
|
12-06-2004, 12:38 PM
|
#8
|
LQ Newbie
Registered: Aug 2003
Location: Stillwater, OK
Distribution: Red Hat Fedora Core 3
Posts: 5
Original Poster
Rep:
|
This is interesting...
As I first stated, ws_ftp is indicating that it connects using the server name but it doesn't list any files. I decided to test the connection and send a small file.
The file didn't upload successfully, but the server *did* create a zero-length file of the same name.
So, there's a connection being established but not completely... any thoughts?
|
|
|
12-06-2004, 12:48 PM
|
#9
|
LQ Newbie
Registered: Aug 2003
Location: Stillwater, OK
Distribution: Red Hat Fedora Core 3
Posts: 5
Original Poster
Rep:
|
Here's the connection log from ws_ftp if it's helpful (IPs and names hidden)
Finding Host unclebubby.dnsalias.org ...
Connecting to xxx.xxx.xxx.xxx:21
Connected to xxx.xxx.xxx.xxx:21 in 0.000000 seconds, Waiting for Server Response
220 (vsFTPd 2.0.1)
Host type (1): Automatic Detect
USER user
331 Please specify the password.
PASS (hidden)
230 Login successful.
SYST
215 UNIX Type: L8
Host type (2): Unix (Standard)
PWD
257 "/home/user"
CWD /home/user
250 Directory successfully changed.
PWD
257 "/home/user"
TYPE A
200 Switching to ASCII mode.
PASV
227 Entering Passive Mode (192,168,1,99,190,15)
connecting data channel to 192.168.1.99:190,15(48655)
Substituting connection address xxx.xxx.xxx.xxx for private address 192.168.1.99 from PASV
PORT 192,168,1,98,15,84
200 PORT command successful. Consider using PASV.
LIST
425 Failed to establish connection.
Could it be that I'm connecting from the same IP and it doesn't like that I'm routing outside to come back in? I'll try connecting from a remote computer and see how it goes.
|
|
|
All times are GMT -5. The time now is 03:17 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|