Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
pure-ftp
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
cf25
Apprentice
Apprentice


Joined: 20 Jun 2002
Posts: 158

PostPosted: Thu Jul 11, 2002 7:52 pm    Post subject: pure-ftp Reply with quote

well, i am running pure ftp and it works fine within my lan. in fact people can even connect to it from outside my lan. the problem is they cant get the directory listing. any ideas?

the address is 65.218.56.80:42 if you wanna try it
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Thu Jul 11, 2002 7:56 pm    Post subject: Reply with quote

Are you behind a firewall or something that is doing NAT? If so, people on the other end of the pipe have to go into "passive" mode.
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
cf25
Apprentice
Apprentice


Joined: 20 Jun 2002
Posts: 158

PostPosted: Thu Jul 11, 2002 8:04 pm    Post subject: right Reply with quote

so what is NAT and how do i know if my router is doing it?
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Thu Jul 11, 2002 8:18 pm    Post subject: Reply with quote

Did you have to do anything to open port 42? Also, if your FTP server isn't residing on 65.218.56.80 (like it has a different IP), you have to specify that in your configuration file.
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
cf25
Apprentice
Apprentice


Joined: 20 Jun 2002
Posts: 158

PostPosted: Thu Jul 11, 2002 8:25 pm    Post subject: Reply with quote

yeah i had to rout port 42 to my local ip on the lan
Back to top
View user's profile Send private message
Zu`
l33t
l33t


Joined: 26 May 2002
Posts: 716
Location: BE

PostPosted: Fri Jul 12, 2002 8:43 am    Post subject: Re: right Reply with quote

cf25 wrote:
so what is NAT and how do i know if my router is doing it?


http://linas.org/linux/load.html

It's fairly brief and worth the read.
For more specific information, like setting it up with iptables: http://www.tldp.org/
Back to top
View user's profile Send private message
klieber
Bodhisattva
Bodhisattva


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Fri Jul 12, 2002 11:59 am    Post subject: Re: pure-ftp Reply with quote

cf25 wrote:
well, i am running pure ftp and it works fine within my lan. in fact people can even connect to it from outside my lan. the problem is they cant get the directory listing. any ideas?


FTP requires the use of two TCP ports. One is for control information (21, by default) and the other is for actual data (20, by default). From what you're describing, you've correctly routed the port for control information to your FTP server, but you have not done the same for the actual data port. (or its blocked at your firewall, etc.)

You might also try establishing a passive FTP connection instead of an active one -- if a firewall on the client side is causing a problem, this will often work around that issue. (passive FTP allows the client to establish the secondary data connection, rather than having the server establish it)

And, if all of this sounds like gibberish to you, then I suggest you do a little googling. :) There's lots and lots of information out there about this stuff.

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Fri Jul 12, 2002 1:44 pm    Post subject: Re: pure-ftp Reply with quote

klieber wrote:
FTP requires the use of two TCP ports. One is for control information (21, by default) and the other is for actual data (20, by default).


Actually, in most modern FTP servers I've used, random ports are assigned. Not one of them used port 20. Fortunately, man pure-ftpd says:

Code:
       -N     NAT mode. Force active mode. If your FTP server is behind  a  NAT  box  that
              doesn't  support  applicative  FTP  proxying, or if you use port redirection
              without a transparent FTP proxy, use this.  Well...  the  previous  sentence
              isn't very clear. Okay: if your network looks like this:
              FTP--NAT.gateway/router--Internet
              and  if  you want people coming from the internet to have access to your FTP
              server, please try without this option first. If Netscape clients  can  con-
              nect  without  any problem, your NAT gateway rulez. If Netscape doesn't dis-
              play directory listings, your NAT gateway sucks. Use -N as a workaround.

_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
klieber
Bodhisattva
Bodhisattva


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Fri Jul 12, 2002 2:25 pm    Post subject: Re: pure-ftp Reply with quote

delta407 wrote:
Actually, in most modern FTP servers I've used, random ports are assigned. Not one of them used port 20.


Hmmm...sure that wasn't for passive FTP connections? Every FTP server I've used as always initiated data connections from port 20 on the server. Otherwise, it makes setting up FTP on the firewall a challenge since you have to figure out what port your FTP server expects to use for data connections.

In passive FTP, OTOH, the server does use random, unprivileged (> 1024) ports, though the client, and not the server, does the connecting in that case.

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Fri Jul 12, 2002 8:37 pm    Post subject: Re: pure-ftp Reply with quote

klieber wrote:
Every FTP server I've used as always initiated data connections from port 20 on the server.


Most clients use passive mode by default nowadays, since a lot of people are NATed at home. And since he's not being firewalled, just NATed, it doesn't much matter what port connections originate from, so...
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum