Re: [Proftpd-user] unable to ls with active ftp - proftpd
This is a discussion on Re: [Proftpd-user] unable to ls with active ftp - proftpd ; --===============1663174732==
Content-Type: multipart/alternative;
boundary="----=_Part_707_8783004.1206522014951"
------=_Part_707_8783004.1206522014951
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
hi !
chances are good that this is a firewall-issue: check to allow connections
like defined here:
http://www.proftpd.de/Active-Passive...tion.35.0.html
:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
...
-
Re: [Proftpd-user] unable to ls with active ftp
--===============1663174732==
Content-Type: multipart/alternative;
boundary="----=_Part_707_8783004.1206522014951"
------=_Part_707_8783004.1206522014951
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
hi !
chances are good that this is a firewall-issue: check to allow connections
like defined here:
http://www.proftpd.de/Active-Passive...tion.35.0.html
:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I'm new to proftp and this is a fresh install. Any thots or suggestions
> will be greatly appreciated.
>
> PASV seems to work fine. I can ls and download with no trouble.
> However, in active mode, the client reports the error:
>
> ftp> passive
> Passive mode: off; fallback to active mode: off.
> ftp> ls
> 200 EPRT command successful
> 425 Unable to build data connection: Invalid argument
>
> The host is FreeBSD 7.0 amd64. It does have a firewall; but I see no
> change with the firewall completely defeated (e.g. rule 1 ===
> ~ allow from any to any
> ).
>
> Nothing elaborate in the config (included below).
>
> Sadly, the debug doesn't seem to report any errors:
>
> debug level 6:
>
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> PRE_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_tls
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> PRE_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_rewrite
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> PRE_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_core
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> PRE_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_core
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching CMD
> command 'EPRT |1|192.168.0.33|53066|' to mod_core
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - in
> dir_check_full(): path = '/usr/home/ericx', fullpath = '/usr/home/ericx'.
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> LOG_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_log
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> PRE_CMD command 'LIST' to mod_tls
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> PRE_CMD command 'LIST' to mod_rewrite
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> PRE_CMD command 'LIST' to mod_core
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> PRE_CMD command 'LIST' to mod_core
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching CMD
> command 'LIST' to mod_ls
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> LOG_CMD_ERR command 'LIST' to mod_log
> jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
> LOG_CMD_ERR command 'LIST' to mod_ls
>
>
> # This is a basic ProFTPD configuration file (rename it to
> # 'proftpd.conf' for actual use. It establishes a single server
> # and a single anonymous login. It assumes that you have a user/group
> # "nobody" and "ftp" for normal operation and anon.
>
> ServerName "Vineyard.NET"
> ServerType standalone
> DefaultServer on
> ScoreboardFile /var/run/proftpd.scoreboard
>
> # Port 21 is the standard FTP port.
> Port 21
>
> # Umask 022 is a good standard umask to prevent new dirs and files
> # from being group and world writable.
> Umask 022
>
> # To prevent DoS attacks, set the maximum number of child processes
> # to 30. If you need to allow more than 30 concurrent connections
> # at once, simply increase this value. Note that this ONLY works
> # in standalone mode, in inetd mode you should use an inetd server
> # that allows you to limit maximum number of processes per service
> # (such as xinetd).
> MaxInstances 30
>
> CommandBufferSize 512
>
> # Set the user and group under which the server will run.
> User ftpd
> Group ftpd
>
> # chroot all users (except group staff) to their home directory
> DefaultRoot ~ !staff
>
> # Normally, we want files to be overwriteable.
> AllowOverwrite on
>
> # Bar use of SITE CHMOD by default
>
> ~ DenyAll
>
>
> # for the sake of the firewall, we are going to restrict the available
> # passive ports
> PassivePorts 49152 65534
>
>
> thank you for your time.
>
> - --
> Eric W. Bates
> ericx@vineyard.net
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (FreeBSD)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkfpdsYACgkQD1roJTQ4LlFC5QCfS7dbRupqxs mdLByB9JJLIbeJ
> ooYAnRTSnFWoIwbNxq2aADV6F66/TuE4
> =VfJB
> -----END PGP SIGNATURE-----
>
> -------------------------------------------------------------------------
> Check out the new SourceForge.net Marketplace.
> It's the best place to buy or sell services for
> just about anything Open Source.
>
> http://ad.doubleclick.net/clk;164216...et/marketplace
> _______________________________________________
> ProFTPD Users List
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html
>
------=_Part_707_8783004.1206522014951
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm new to proftp and this is a fresh install. Any thots or suggestions
will be greatly appreciated.
PASV seems to work fine. I can ls and download with no trouble.
However, in active mode, the client reports the error:
ftp> passive
Passive mode: off; fallback to active mode: off.
ftp> ls
200 EPRT command successful
425 Unable to build data connection: Invalid argument
The host is FreeBSD 7.0 amd64. It does have a firewall; but I see no
change with the firewall completely defeated (e.g. rule 1 ===
~ allow from any to any
).
Nothing elaborate in the config (included below).
Sadly, the debug doesn't seem to report any errors:
debug level 6:
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
PRE_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_tls
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
PRE_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_rewrite
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
PRE_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_core
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
PRE_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_core
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching CMD
command 'EPRT |1|192.168.0.33|53066|' to mod_core
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - in
dir_check_full(): path = '/usr/home/ericx', fullpath = '/usr/home/ericx'.
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
LOG_CMD command 'EPRT |1|192.168.0.33|53066|' to mod_log
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
PRE_CMD command 'LIST' to mod_tls
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
PRE_CMD command 'LIST' to mod_rewrite
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
PRE_CMD command 'LIST' to mod_core
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
PRE_CMD command 'LIST' to mod_core
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching CMD
command 'LIST' to mod_ls
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
LOG_CMD_ERR command 'LIST' to mod_log
jack.vineyard.net (foobar.my.tld[::ffff:192.168.0.33]) - dispatching
LOG_CMD_ERR command 'LIST' to mod_ls
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "Vineyard.NET"
ServerType standalone
DefaultServer on
ScoreboardFile /var/run/proftpd.scoreboard
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30
CommandBufferSize 512
# Set the user and group under which the server will run.
User ftpd
Group ftpd
# chroot all users (except group staff) to their home directory
DefaultRoot ~ !staff
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
~ DenyAll
</Limit>
# for the sake of the firewall, we are going to restrict the available
# passive ports
PassivePorts 49152 65534
thank you for your time.
- --
Eric W. Bates
ericx@vineyard.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkfpdsYACgkQD1roJTQ4LlFC5QCfS7dbRupqxs mdLByB9JJLIbeJ
ooYAnRTSnFWoIwbNxq2aADV6F66/TuE4
=VfJB
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
ProFTPD Users List <roftpd-users@proftpd.org">proftpd-users@proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
------=_Part_707_8783004.1206522014951--
--===============1663174732==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216...et/marketplace
--===============1663174732==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
--===============1663174732==--
