| View previous topic :: View next topic |
| Author |
Message |
fbd
n00b
Joined: 12 Sep 2004
Posts: 21
Location: Akureyri, Iceland
|
 Posted: Sun Feb 20, 2005 2:18 am Post subject: Weird problem with FTP transfers |
 |
|
Hi everyone!
Ok, here is the deal I am running proftpd and I am trying to transfer data between my server and others. This usually works with my default settings but now it seems not to be working. Normal upload/download transfer between server and client work perfectly.
Here is how my configuration looks like:
| Code: | ServerName "FTP Server"
ServerType standalone
DefaultServer on
ServerIdent on "Go away"
[b]AllowForeignAddress on[/b]
Port 21
Umask 022
MaxInstances 30
MaxClients 10 "Only 10 connections allowed"
MaxClientsPerHost 10
MaxClientsPerUser 10
TimeoutStalled 120
TimeoutNoTransfer 360
TimeoutLogin 360
#PassivePorts 49152 65534
User nobody
Group nogroup
AllowOverwrite on
AllowRetrieveRestart on
AuthUserFile "/etc/proftpd/passwd"
AuthGroupFile "/etc/proftpd/group"
DefaultRoot ~
TransferLog /var/log/ftptransferlog
#Problems with globbing
DenyFilter \*.*/
|
As you can see AllowForeignAddress is on and the PORT command executes normaly when I try to start the transfer, but when the STOR tries to execute the file appiers on my server but the transfer never begins (so the file is always 0 Kb, it's just the name).
My firewall blocks only port 22 on foreign addresses so the firewall should not be a problem. I also tried pure-ftpd but I get the same error.
There is no problem with the servers I am trying to get data from. And there are no errors on the command stream.
What am I missing?
P.s. i tried with the PassivePort on and off and the passive modes seems to work but still no transfer.
_________________
Frailty, thy name is woman! |
|
| Back to top |
|
 |
moocha
Watchman
Joined: 21 Oct 2003
Posts: 5722
|
| Posted: Sun Feb 20, 2005 3:01 am Post subject: |
|
|
The firewall needs to be able to track FTP connections, since FTP is one of the protocols using more than one connection at the same time - one control connection and one data connection). If you're in control of the firewall, do | Code: | | modprobe ip_conntrack_ftp |
and additionally (if it's a masquerading firewall) | Code: | | modprobe ip_nat_ftp |
_________________
Military Commissions Act of 2006: http://tinyurl.com/jrcto
"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
-- attributed to Benjamin Franklin |
|
| Back to top |
|
|
fbd
n00b
Joined: 12 Sep 2004
Posts: 21
Location: Akureyri, Iceland
|
| Posted: Sun Feb 20, 2005 6:06 pm Post subject: |
|
|
Thank you, I was not aware of this setting in the kernel, but I have tried probing both modules and I still have the same problem:
| Code: | [R] REST STREAM
[R] SIZE
[R] 211 End
[R] PWD
[R] 257 "/" is current directory.
[R] TYPE I
[R] 200 Type set to I
[L] PASV
[L] 227 Entering Passive Mode (81,15,36,144,241,0)
[R] PORT 81,15,36,144,241,0
[R] 200 PORT command successful
[R] STOR file.doc
|
Do you have any other suggestions, I have even tried the Windowz way and restarted and hoped for everything to work after that, nothing happens 
_________________
Frailty, thy name is woman! |
|
| Back to top |
|
|
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Sun Feb 20, 2005 9:21 pm Post subject: |
|
|
| fbd wrote: | Thank you, I was not aware of this setting in the kernel, but I have tried probing both modules and I still have the same problem:
|
I cannot see any problem from the log above...  |
|
| Back to top |
|
|
fbd
n00b
Joined: 12 Sep 2004
Posts: 21
Location: Akureyri, Iceland
|
| Posted: Mon Feb 21, 2005 1:11 am Post subject: |
|
|
Well, that is because there isn't any 
It just stoppes there with out any error or anything, I just don't understand this.
_________________
Frailty, thy name is woman! |
|
| Back to top |
|
|
fbd
n00b
Joined: 12 Sep 2004
Posts: 21
Location: Akureyri, Iceland
|
| Posted: Wed Feb 23, 2005 4:42 pm Post subject: RFC |
|
|
At least, any ideas on how I could debug this, what I should double check etc?
_________________
Frailty, thy name is woman! |
|
| Back to top |
|
|
linuxbum
Tux's lil' helper
Joined: 20 Dec 2003
Posts: 131
Location: USA
|
| Posted: Wed Feb 23, 2005 5:09 pm Post subject: |
|
|
fdp
Have Firewall admin to check logs and filter on the servers IP or the service FTP see if it is dropping your packet.
Please see this link http://slacksite.com/other/ftp.html
It explains how FTP really uses many ports other than 20&21..
Also try nmap to each server and see if FTP ports are open of filtered or blocked.
Bryan |
|
| Back to top |
|
|
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Thu Feb 24, 2005 9:19 am Post subject: |
|
|
| Are you talking about FXP (server-to-server) transfers? If so, you need fxp=1 option with modprobe. |
|
| Back to top |
|
|
fbd
n00b
Joined: 12 Sep 2004
Posts: 21
Location: Akureyri, Iceland
|
| Posted: Thu Feb 24, 2005 6:33 pm Post subject: |
|
|
| j-m wrote: | | Are you talking about FXP (server-to-server) transfers? If so, you need fxp=1 option with modprobe. |
That did the trick, I get reply code 150 
Thanks alot! 
_________________
Frailty, thy name is woman! |
|
| Back to top |
|
|
|
Networking & Security
