[CentOS] vsftpd and active mode connections causes FTP session to hang
John R Pierce
pierce at hogranch.com
Fri Jun 6 03:04:15 UTC 2008
Filipe Brandenburger wrote:
> On Thu, Jun 5, 2008 at 2:05 PM, Timothy Selivanow
> <timothy.selivanow at virtualxistenz.com> wrote:
>
>> things like 'put' and 'get', etc.), the connection hangs. If you wait a
>> bit it returns with a "425 Failed to establish connection". I've tried
>>
>
> Is the FTP client behind NAT? If it is then active FTP won't work,
> since the client will request the server to connect to the internal
> IP.
>
its somewhat more complex than that. many NAT boxes (home routers,
etc) recognize FTP on port 21, and monitor the PORT commands, and mangle
them automatically. A linux masquerading server can do this too, with
the right ip_masq module. if the FTP is running on a nonstandard
port other than 21, the automagic stuff won't work. If the FTP
/server/ is behind NAT using a port forward, it also gets messy.
there's a detailed discussion of these and other salient points here,
http://www.ncftp.com/ncftpd/doc/misc/ftp_and_firewalls.html it bears
reading carefully.
More information about the CentOS
mailing list