Hi list, I've a problem with vsftpd on C7.3. This is a dedicated server protected by a Zywall5. SELINUX is disabled.
This is my vsftpd configuration:
anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES idle_session_timeout=600 data_connection_timeout=120 ftpd_banner=Welcome listen=YES listen_port=21 pasv_enable=YES pasv_min_port=50000 pasv_max_port=50100 pasv_address=public-ip port_enable=YES pasv_addr_resolve=NO listen_ipv6=NO pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES
Connecting from localhost to the local ip with ftp command, I've no problems. If I try to connect from remote host to the ftp server I got some problems.
Connecting from my workstation I can log in with user and pwd but when listing I get:
230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (188,213,172,158,206,207) ftp: connect: Connection refused ftp>
Seems to be a firewall (zywall5) problem. On server firewalld is disabled and there are not iptables rules.
So I've open port 20,21,50000:50100 from my ip to server ip. The problem persists.
I've tried to open all ports (Using Any TCP and Any UDP) but the problem persists.
I've tried with another local server with the same vsftpd configuration and I've reproduced the problem by closing all ports with iptables. I get the same messages but after enabling specified ports with iptables on server the issue is solved.
How I can solve this issue on remote server?
THanks in advance.
Hi list, I've an update:
I've changed listen_port from 21 to 10021 restarted again vsftpd and problem is solved.
I can't understand whats happened.
Any ideas?
Il 15/02/2017 13:37, Alessandro Baggi ha scritto:
Hi list, I've a problem with vsftpd on C7.3. This is a dedicated server protected by a Zywall5. SELINUX is disabled.
This is my vsftpd configuration:
anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES idle_session_timeout=600 data_connection_timeout=120 ftpd_banner=Welcome listen=YES listen_port=21 pasv_enable=YES pasv_min_port=50000 pasv_max_port=50100 pasv_address=public-ip port_enable=YES pasv_addr_resolve=NO listen_ipv6=NO pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES
Connecting from localhost to the local ip with ftp command, I've no problems. If I try to connect from remote host to the ftp server I got some problems.
Connecting from my workstation I can log in with user and pwd but when listing I get:
230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (188,213,172,158,206,207) ftp: connect: Connection refused ftp>
Seems to be a firewall (zywall5) problem. On server firewalld is disabled and there are not iptables rules.
So I've open port 20,21,50000:50100 from my ip to server ip. The problem persists.
I've tried to open all ports (Using Any TCP and Any UDP) but the problem persists.
I've tried with another local server with the same vsftpd configuration and I've reproduced the problem by closing all ports with iptables. I get the same messages but after enabling specified ports with iptables on server the issue is solved.
How I can solve this issue on remote server?
THanks in advance.
-
Alessandro Baggi