Hi,

I Think you have a problem with your firewall configuration, Do you forward your
passive port (49152 65534 same a lot) on your private server ip adress ?

Best regard, stephane


Selon "ne..." :

> I am using Proftpd 1.3.0a on Fedora Core 6 with iptables off. A person
> connects to an external ip which then
> forwards all traffic to 192.168.10.11. I can login fine. My conf is
> listed below:
>
> DefaultRoot ~
> DefaultServer on
> SocketBindTight on
> UseReverseDNS off
> RootLogin off
> RequireValidShell off
>
> SQLAuthTypes Plaintext Crypt
> SQLAuthenticate users* groups*
> SQLConnectInfo ftp@localhost proftpd luvlyPassword
> SQLUserInfo ftpuser userid passwd uid gid homedir shell
> SQLGroupInfo ftpgroup groupname gid members
> SQLMinID 500
> SQLHomedirOnDemand on
> SQLLog PASS updatecount
> SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE
> userid='%u'" ftpuser
> SQLLog STOR,DELE modified
> SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
>
>
> TLSEngine on
> TLSLog /var/log/proftpd/tls.log
> TLSRequired off
> TLSProtocol SSLv23
> TLSRSACertificateFile /usr/local/etc/proftpd/server.crt
> TLSRSACertificateKeyFile /usr/local/etc/proftpd/server.key
> TLSCACertificateFile /usr/local/etc/proftpd/ca.crt
> TLSVerifyClient off
> TLSRenegotiate required off
>

>
> # Virtual host setup for port 990
>
> Port 990
> DefaultRoot ~
> MasqueradeAddress xxx.yyy.zzz.aaa
> SQLAuthTypes Plaintext Crypt
> SQLAuthenticate users* groups*
> SQLConnectInfo ftp@localhost proftpd luvlyPassword
> SQLUserInfo ftpuser userid passwd uid gid homedir shell
> SQLGroupInfo ftpgroup groupname gid members
> SQLMinID 500
> SQLHomedirOnDemand on
> SQLLog PASS updatecount
> SQLNamedQuery updatecount UPDATE "count=count+1,
> accessed=now()WHERE userid='%u'" ftpuser
> SQLLog STOR,DELE modified
> SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
> PassivePorts 49152 65534
> IdentLookups off
> RootLogin off
> RequireValidShell off
> # UseReverseDNS off
> #
> # DenyAll
> #

>
> TLSEngine on
> TLSLog /var/log/proftpd/tls.log
> TLSRequired off
> TLSRSACertificateFile /usr/local/etc/proftpd/server.crt
> TLSVerifyClient off
> TLSRenegotiate required off
>

>

>
>
> When I try to get listings of the directories, I get what is shown in
> the log snippet below:
>
> linux01.local (ext.ip[ext.ip]) - dispatching LOG_CMD command 'PASV' to
> mod_sql
> linux01.local (ext.ip[ext.ip]) - dispatching LOG_CMD command 'PASV' to
> mod_log
> linux01.local (ext.ip[ext.ip]) - dispatching PRE_CMD command 'LIST' to
> mod_tls
> linux01.local (ext.ip[ext.ip]) - dispatching PRE_CMD command 'LIST' to
> mod_core
> linux01.local (ext.ip[ext.ip]) - dispatching PRE_CMD command 'LIST' to
> mod_core
> linux01.local (ext.ip[ext.ip]) - dispatching CMD command 'LIST' to mod_ls
>
>
> Using fireftp, this is what is shown in the connexion window:
>
> 220 ProFTPD 1.3.0a Server (ProFTPD) [masq.address]
> AUTH TLS
> 234 AUTH TLS successful
> PBSZ 0
> 200 PBSZ 0 successful
> USER ftpxyz
> 331 Password required for ftpxyz.
> PASS (password not shown)
> 230 User ftpxyz logged in.
> FEAT
> 211-Features:
> MDTM
> REST STREAM
> SIZE
> AUTH TLS
> PBSZ
> PROT
> 211 End
> PWD
> 257 "/" is current directory.
> TYPE A
> 200 Type set to A
> PROT P
> 200 Protection set to Private
> PASV
> 227 Entering Passive Mode (masq,address,227,8).
> LIST
>
> Any pointers on how to fix this is much appreciated. I have trawled
> thru the list for the past year and not
> come across a solution to my problem.
>
> ne...
> --
> Registered Linux User # 125653 (http://counter.li.org)
> Now accepting personal mail for GMail invites.
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> ProFTPD Users List
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html
>




-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html