Hi, I've installed vsFTPd and configured it.
I can log in locally, and it works great, but anyone from outside can successfully connect. And I don't know why.
I've searched in Google for more than 5 hours but still have the same problem.
# vsftpd.conf
listen=YES
listen_port=21
background=YES
listen_address=192.169.129.59
ftp_data_port=20
port_enable=YES
pasv_enable=YES
pasv_min_port=44400
pasv_max_port=44499
pasv_address=24.24.24.24
connect_from_port_20=YES
anonymous_enable=YES
anon_root=/pub
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
ftpd_banner=Welcome to blah FTP service.
iptables -L:
[jk@arch4linux ~]$ sudo iptables -L
Contraseña:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Is something wrong here?
OS -----> Arch Linux DE -----> KDE4
CPU ---> 2.66GHz RAM ---> 512 MB
SWAP -> 2 G / -------> 10 G
/home -> 50 G /boot ---> 64 MB
Offline
/etc/hosts.allow ?
Offline
@djszapi: obviously iptables is not "running". there are no rules set.
@B4RR13N705:
what do you mean with locally and externally?
same pc, lan or wan? is it only a local server?
i think it has something to do with the "listen_address=192.169.129.59" entry...
or with hosts.allow/deny:
add
"
vsftpd : ALL : ALLOW
"
to your /etc/hosts.allow file.
Offline
By locally and externally I mean that I can connect to the FTP from the same computer, but no one from outside can...
The listen_address=192.169.129.59 is because my eth0 IP is 192.169.129.59.
I'm really a newbie on all this networking stuff...
Offline
are you using the ftp server on a lan or over the internet?
192.169.129.59 is a _private_ ip address (http://en.wikipedia.org/wiki/Private_network)
try omitting the listen_address entry. afais it's used only for virtual ips (http://viki.brainsware.org/?en/FAQ -> "Help! Does vsftpd do virtual hosting setups?" section).
but first try setting entries in /etc/hosts.allow as formerly suggested.
Offline
I have the same problem with a play ftp server / internet connection sharing router
The problem is nobody from outside can connect and I think iptables does a good job:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT udp -- anywhere anywhere udp dpt:bootps reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:domain reject-with icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
DROP tcp -- anywhere anywhere tcp dpts:0:1023
DROP udp -- anywhere anywhere udp dpts:0:1023
Chain FORWARD (policy DROP)
target prot opt source destination
DROP all -- anywhere 192.168.0.0/16
ACCEPT all -- 192.168.0.0/16 anywhere
ACCEPT all -- anywhere 192.168.0.0/16
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
How do I open ports 20 and 21?
I tried what I found on the net:
iptables -t filter -A OUTPUT -p tcp –dport 20:21 -j ACCEPT
Bad argument `–dport'
Try `iptables -h' or 'iptables --help' for more information.
Any ideas would be great.
LATER: solution found
iptables -I INPUT -p tcp --dport 21 -j ACCEPT
iptables -I INPUT -p udp --dport 20 -j ACCEPT
Last edited by Cosmin (2009-09-10 20:59:38)
Offline
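Added example, not part of any post in this thread: a Python sketch that reads the firewall-relevant settings of the vsftpd.conf from the first post (embedded below as a constructed sample) and derives the inbound TCP rules they imply, in the `iptables -I INPUT` form used above. The function names are hypothetical, and keeping the last value of a repeated key is an assumption of this sketch.

```python
# Constructed sample: the firewall-relevant lines of the vsftpd.conf in the first post.
SAMPLE_CONF = """\
listen=YES
listen_port=21
listen_address=192.169.129.59
pasv_enable=YES
pasv_min_port=44400
pasv_max_port=44499
pasv_address=24.24.24.24
connect_from_port_20=YES
connect_from_port_20=YES
"""

def parse_conf(text):
    """Return (settings, duplicated_keys); vsftpd.conf is key=value with # comments."""
    settings, dupes = {}, []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key in settings:
            dupes.append(key)
        settings[key] = value  # assumption of this sketch: keep the last value seen
    return settings, dupes

def firewall_plan(text):
    """Return (iptables rules, review notes) for ports clients connect TO."""
    s, dupes = parse_conf(text)
    # FTP runs over TCP. In active mode the server opens the data connection
    # outward from port 20, so that port needs no inbound --dport rule.
    rules = [f"iptables -I INPUT -p tcp --dport {s.get('listen_port', '21')} -j ACCEPT"]
    notes = [f"duplicate key: {k}" for k in dupes]
    if s.get("pasv_enable", "YES").upper() == "YES":   # vsftpd default is YES
        lo, hi = int(s.get("pasv_min_port", 0)), int(s.get("pasv_max_port", 0))
        if 0 < lo <= hi:
            rules.append(f"iptables -I INPUT -p tcp --dport {lo}:{hi} -j ACCEPT")
        else:
            notes.append("passive range unset: set pasv_min_port/pasv_max_port first")
    if "listen_address" in s:
        notes.append(f"daemon listens only on {s['listen_address']}")
    if "pasv_address" in s:
        notes.append(f"PASV replies advertise {s['pasv_address']}")
    return rules, notes

if __name__ == "__main__":
    rules, notes = firewall_plan(SAMPLE_CONF)
    print("\n".join(rules + ["# " + n for n in notes]))
```

The two addresses reported in the notes are worth comparing by hand: clients must be able to reach the advertised passive address on the passive port range, not only the control port.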