remix l33t
Joined: 28 Apr 2004 Posts: 797 Location: hawaii
|
Posted: Sun May 23, 2004 7:48 am Post subject: proFTPd access from outside network |
|
|
I got my proFTPd access to work. I'm in the same network and I'm able to FTP to my web directories perfectly fine, and people can view my web directories fine also. But I can't access my ftp account from outside the network. I have my router forwarding ports 80, 21, and 22 to the server on my network, all using TCP (does it have to be UDP?). I get errors like unable to access file listing, and unable to login from my ftp client outside the network. The ownership for the directory is ftp:ftp-users (like in hayl's howto). My proftpd.conf has the directory listed like this:
Code: |
<Directory /server/ftpusername>
Umask 022 022
AllowOverwrite on
<Limit MKD XMKD RNRF RNTO DELE RMD XRMD STOR RETR>
AllowUser ftpusername
</Limit>
</Directory>
|
what am i doing wrong? |
|
Maup n00b
Joined: 20 May 2004 Posts: 36 Location: Den Dungen
|
Posted: Sun May 23, 2004 9:13 am Post subject: |
|
|
How do you start your ProFTPD server ?
If you are doing that via xinetd, please include your /etc/xinetd.d/proftpd file.
If you are running it on its own, please include your config file...
greetz
Maurits _________________ It must be logic: Before you can shutdown, you have to use Start.... |
|
remix l33t
Joined: 28 Apr 2004 Posts: 797 Location: hawaii
|
Posted: Sun May 23, 2004 1:13 pm Post subject: |
|
|
Code: |
ServerIdent on "Please enter your username and password. Anonymous logins are disabled."
ServerName RemixServer1
ServerType standalone
ServerAdmin remix@remixdesignstudio.com
DeferWelcome on
ShowSymlinks off
MultilineRFC2228 on
DefaultServer on
AllowOverwrite on
MaxClients 10
MaxClientsPerHost 1 "You are already logged on once."
RequireValidShell off
TimeoutNoTransfer 600
TimeoutStalled 10
TimeoutLogin 20
TimeoutIdle 1200
RootLogin off
UseFtpUsers off
Port 21
MaxInstances 30
# Lock users into the ftproot directory
DefaultRoot ~
# Logging formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
# activate logging
# every login
ExtendedLog /var/log/ftp_auth.log AUTH auth
# file/dir access
ExtendedLog /var/log/ftp_access.log WRITE,READ write
ListOptions "-l"
DenyFilter \*.*/
# Set the user and group that the server normally runs at.
User ftp
Group ftp-users
DisplayLogin welcome.msg
DisplayFirstChdir .message
#<Directory />
# Umask 022 022
# AllowOverwrite off
# <Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
# AllowAll
# </Limit>
#</Directory>
<Directory /server/user1>
Umask 022 022
AllowOverwrite on
<Limit MKD XMKD RNRF RNTO DELE RMD XRMD STOR RETR>
AllowUser user1
</Limit>
</Directory>
<Directory /server/user2>
Umask 022 022
AllowOverwrite on
<Limit MKD XMKD RNRF RNTO DELE RMD XRMD STOR RETR>
AllowUser user2
</Limit>
</Directory>
|
does FTP or SSH use UDP instead of TCP? |
|
Maup n00b
Joined: 20 May 2004 Posts: 36 Location: Den Dungen
|
Posted: Sun May 23, 2004 2:39 pm Post subject: |
|
|
Mmm,
config seems ok to me...
You weren't very clear about if you run ProFTPD from xinetd or standalone.
BTW: Only TCP settings are necessary in the firewall. That's because the main difference between TCP and UDP packets is that UDP is broadcast (for example used for DHCP) and TCP needs a verified connection (a channel).
So it seems quite strange wanting to run a UDP FTP server, let alone a broadcast SSH server ...
In your first post you mentioned ownership for directories, but what directories do you mean ?
Please consider that when a user logs in to your server and accesses files or directories, it is done as the user himself. For proper access the owner of the directory you want to access has to be the username you use to log in.
Does this ring any bells ?
greetz
Maup _________________ It must be logic: Before you can shutdown, you have to use Start.... |
|
nobspangle Veteran
Joined: 23 Mar 2004 Posts: 1318 Location: Manchester, UK
|
Posted: Sun May 23, 2004 3:11 pm Post subject: |
|
|
Are you using passive or non-passive mode to connect?
Is the client behind a firewall? |
|
remix l33t
Joined: 28 Apr 2004 Posts: 797 Location: hawaii
|
Posted: Sun May 23, 2004 8:42 pm Post subject: |
|
|
Servertype Standalone
passive mode
no firewall
What is with the ftp:ftp-users?
How do I configure it so that a client can access anything in the <Directory>? Should it be user1:ftp-users?
Thanks btw. |
|
remix l33t
Joined: 28 Apr 2004 Posts: 797 Location: hawaii
|
Posted: Mon May 24, 2004 7:13 am Post subject: |
|
|
OK, I double-checked everything and still an outside client is unable to access his own directory. It's error 200 every time: unable to retrieve file listing, connection aborted.
My router is forwarded to that server using port 21, the server is listening on port 21, proftpd is started, and the configuration is correct because I can log in to any of the accounts using my computer within the network. I have full access to uploading, downloading, anything.
Would anyone happen to know of any solutions they have experienced when trying to connect to a server from outside of the LAN? |
|
Maup n00b
Joined: 20 May 2004 Posts: 36 Location: Den Dungen
|
Posted: Mon May 24, 2004 9:42 am Post subject: |
|
|
Mmm, strange...
You can change the owner:group with chown <owner>:<group> so in your case chown <username>:ftpusers.
One question though: are you able to login under every username successfully when accessing the server locally ?
BTW (maybe a completely unnecessary remark): what I meant with or without xinetd is whether you have started the server via /etc/init.d/proftpd start (or via rc-update add proftpd default) or via /etc/init.d/xinetd start (with the configuration of the access to the ftp server in /etc/xinetd.d/proftpd).
This is because it seems to me that there is something on the server or in the gateway that is filtering outside traffic...
greetz
Maurits _________________ It must be logic: Before you can shutdown, you have to use Start.... |
|
leszcz n00b
Joined: 03 Feb 2004 Posts: 20
|
Posted: Mon May 24, 2004 10:11 am Post subject: |
|
|
Hi,
remix, you need two additional options in proftpd.conf:
MasqueradeAddress a.b.c.d (a.b.c.d - your public ip)
PassivePorts xxxxx yyyyy
You have to forward the passive port range to the proftpd machine on your firewall.
Regards |
|
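An added example, not part of any post in this thread: in passive mode the server's `227` reply names the address and port the client must open for the data connection, which is why a NATed server works on the LAN but fails at the file listing from outside. The sketch below parses that reply and checks it against the router's forwarding; the sample replies, the public address 203.0.113.10 and the range 49152-65534 are constructed assumptions, not values from the thread.

```python
import ipaddress
import re

# RFC 1918 ranges: addresses an outside client can never connect to.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# (h1,h2,h3,h4,p1,p2) tuple of an RFC 959 "227" reply.
PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# Constructed sample replies (not taken from the thread).
REPLY_BEFORE = "227 Entering Passive Mode (192,168,1,10,140,23)."
REPLY_AFTER = "227 Entering Passive Mode (203,0,113,10,195,80)."


def parse_pasv(reply):
    """Return (ip, port) advertised in a 227 reply; port = p1*256 + p2."""
    m = PASV_RE.search(reply)
    if not reply.startswith("227") or m is None:
        raise ValueError("not a usable 227 reply: %r" % reply)
    nums = [int(n) for n in m.groups()]
    if max(nums) > 255:
        raise ValueError("field out of range in reply: %r" % reply)
    ip = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    return ip, nums[4] * 256 + nums[5]


def diagnose(reply, public_ip, forwarded):
    """List reasons an outside client's data connection would fail.

    public_ip: address the client dialled for port 21 (assumed router WAN IP).
    forwarded: (low, high) TCP range the router forwards to the FTP server.
    """
    ip, port = parse_pasv(reply)
    problems = []
    if any(ip in net for net in RFC1918):
        problems.append("advertises private %s: set MasqueradeAddress" % ip)
    elif ip != ipaddress.IPv4Address(public_ip):
        problems.append("advertises %s, not %s" % (ip, public_ip))
    if not forwarded[0] <= port <= forwarded[1]:
        problems.append("port %d not forwarded: set PassivePorts" % port)
    return problems


if __name__ == "__main__":
    for r in (REPLY_BEFORE, REPLY_AFTER):
        print(r, "->", diagnose(r, "203.0.113.10", (49152, 65534)) or "ok")
```

The real reply to compare against is visible in any FTP client's debug or verbose log right after the `PASV` command.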