Fedora Linux Support Community & Resources Center
  #1  
Old 15th June 2010, 04:50 PM
Beralus Offline
Registered User
 
Join Date: Dec 2007
Posts: 69
vsftpd problem

vsftpd works fine (I've tested in LAN also)
but nobody can connect from the internet (WAN)
router configured properly
all servers from ssh to httpd work fine, except vsftpd
Any ideas? Thanks for any attention.
(selinux disabled)
//------------------------
Code:
[root@compname:/var/www/html] # cat /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
dirlist_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_world_readable_only=NO
chroot_local_user=YES
guest_enable=YES
connect_timeout=150
data_connection_timeout=500
dirmessage_enable=YES
connect_from_port_20=YES
pam_service_name=/etc/pam.d/vsftpd
user_sub_token=$USER
guest_username=virtualftp
local_root=/home/vweb/$USER
listen=YES
listen_port=21
#pasv_min_port=30000
pasv_max_port=1024
accept_timeout=200
#listen_ipv6=YES
ftpd_banner=welcome
xferlog_enable=YES
/////------------------------------------------

Code:
[root@compname:/var/www/html] # cat /etc/pam.d/vsftpd
#%PAM-1.0
##session    optional     pam_keyinit.so    force revoke
##auth       required	pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers 
##onerr=succeed
##auth       required	pam_shells.so
##auth       include	password-auth
##account    include	password-auth
##session    required     pam_loginuid.so
##session    include	password-auth
auth    required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_users
account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_users
#session required pam_loginuid.so
[root@compname:/var/www/html] #

Code:
[root@compname:/var/www/html] # service vsftpd start
Starting vsftpd for vsftpd:                                [  OK  ]
[root@compname:/var/www/html] #
///-----------------------------------

Code:
[root@compname:/var/www/html] # ftp localhost
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 welcome
Name (localhost:me): virt2
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (127,0,0,1,234,252).
150 Here comes the directory listing.
drwx------    2 502      501          4096 Jun 16 09:55 New Folder
-rw-------    1 502      501             0 Jun 16 06:53 virt2.txt
226 Directory send OK.
ftp>


---------- Post added at 07:50 AM CDT ---------- Previous post was at 07:43 AM CDT ----------

b.t.w., I know these
connect_timeout=150
data_connection_timeout=500
pasv_max_port=1024
accept_timeout=200
are not normal at all ...
  #2  
Old 15th June 2010, 06:01 PM
Keldorn Offline
Registered User
 
Join Date: Jun 2008
Location: Russia
Age: 26
Posts: 517
Re: vsftpd problem

What about iptables?
pasv_max_port =1024. So you should run vsftpd with root privileges.
  #3  
Old 15th June 2010, 07:08 PM
Beralus Offline
Registered User
 
Join Date: Dec 2007
Posts: 69
Re: vsftpd problem

Quote:
Originally Posted by Keldorn View Post
What about iptables?
pasv_max_port =1024. So you should run vsftpd with root privileges.
Code:
[root@compname:/etc] # iptables --list |grep 1024
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:1024 
[root@compname:/etc] # iptables --list |grep ftp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp

nothing changed after next config

anonymous_enable=NO
dirlist_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_world_readable_only=NO
chroot_local_user=YES
guest_enable=YES
dirmessage_enable=YES
connect_from_port_20=YES
pam_service_name=/etc/pam.d/vsftpd
user_sub_token=$USER
guest_username=virtualftp
local_root=/home/vweb/$USER
listen=YES
listen_port=21
ftpd_banner=welcome
xferlog_enable=YES
  #4  
Old 15th June 2010, 07:13 PM
Keldorn Offline
Registered User
 
Join Date: Jun 2008
Location: Russia
Age: 26
Posts: 517
Re: vsftpd problem

I was talking about the nf_conntrack_ftp module for FTP.
While trying to find out why something doesn't work, don't just look at the possible causes of things: remove them for a period of testing. So just disable the firewall and try to connect.
Do you really understand what I am talking about?
Vsftpd is running under the VSFTPD user. In order to work with ports below 1024 it should have root privileges.
  #5  
Old 15th June 2010, 07:20 PM
Beralus Offline
Registered User
 
Join Date: Dec 2007
Posts: 69
Re: vsftpd problem

OK, I've disabled the firewall, please test ftp://virt2:123@213.154.4.24 if you have a little spare time
SELinux and firewall switched off

---------- Post added at 10:20 AM CDT ---------- Previous post was at 10:17 AM CDT ----------

is there a result?
  #6  
Old 15th June 2010, 07:21 PM
Keldorn Offline
Registered User
 
Join Date: Jun 2008
Location: Russia
Age: 26
Posts: 517
Re: vsftpd problem

OK, I have found your problem -) It is in the router.
To solve it you should determine the port range in vsftpd with pasv_max_port and pasv_min_port and set up forwarding for these ports in your router.
When that is done, everything should be OK.
  #7  
Old 15th June 2010, 07:38 PM
Beralus Offline
Registered User
 
Join Date: Dec 2007
Posts: 69
Re: vsftpd problem

Current config:
maybe the 20th port???

anonymous_enable=NO
dirlist_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_world_readable_only=NO
chroot_local_user=YES
guest_enable=YES
dirmessage_enable=YES
connect_from_port_20=YES
pam_service_name=/etc/pam.d/vsftpd
user_sub_token=$USER
guest_username=virtualftp
local_root=/home/vweb/$USER
listen=YES
listen_port=21
ftpd_banner=welcome
xferlog_enable=YES

---------- Post added at 10:25 AM CDT ---------- Previous post was at 10:22 AM CDT ----------

forwarding in router:
Server Name | External Port Start | External Port End | Protocol | Internal Port Start | Internal Port End | Server IP Address
FTP20       | 20 | 20 | TCP | 20 | 20 | 192.168.1.65
FTP Server  | 21 | 21 | TCP | 21 | 21 | 192.168.1.65

---------- Post added at 10:27 AM CDT ---------- Previous post was at 10:25 AM CDT ----------

and my only hesitation is the router, but it does not seem wrong

---------- Post added at 10:37 AM CDT ---------- Previous post was at 10:27 AM CDT ----------

in /var/log/vsftpd.log I even see the following lines:

Wed Jun 16 23:17:57 2010 [pid 2] CONNECT: Client ""XX.XXX.XXX.XX1"
Wed Jun 16 23:17:58 2010 [pid 1] [virt2] OK LOGIN: "XX.XXX.XXX.XX1"
Wed Jun 16 23:18:37 2010 [pid 2] CONNECT: Client "XX.XXX.XXX.XX1"
Wed Jun 16 23:18:37 2010 [pid 1] [virt2] OK LOGIN: Client "XX.XXX.XXX.XX1"

---------- Post added at 10:38 AM CDT ---------- Previous post was at 10:37 AM CDT ----------

this crap has been screwing with my brain since the morning
  #8  
Old 15th June 2010, 08:05 PM
Keldorn Offline
Registered User
 
Join Date: Jun 2008
Location: Russia
Age: 26
Posts: 517
Re: vsftpd problem

It may look like this
where 20101-20201 is used for the FTP service.
P.S. Bad idea to use these words here.
  #9  
Old 15th June 2010, 08:29 PM
Beralus Offline
Registered User
 
Join Date: Dec 2007
Posts: 69
Re: vsftpd problem

Quote:
now min/max passive ports configured.
Will you try to connect?

current config:

[root@compname:/var/log] # cat /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
dirlist_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_world_readable_only=NO
chroot_local_user=YES
guest_enable=YES
connect_timeout=120
#data_connection_timeout=500
dirmessage_enable=YES
connect_from_port_20=YES
pam_service_name=/etc/pam.d/vsftpd
user_sub_token=$USER
guest_username=virtualftp
local_root=/home/vweb/$USER
listen=YES
listen_port=21
pasv_min_port=1022
pasv_max_port=1024
#accept_timeout=200
#listen_ipv6=YES
ftpd_banner=welcome
xferlog_enable=YES
#pasv_enable=NO
[root@compname:/var
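Added example, not part of the thread or any poster's code: a small Python check of the passive-mode setup discussed in posts #6 to #9, which decodes a 227 reply into its data port and compares the configured pasv_min_port/pasv_max_port range with the router's forwarded ports. The function names, the finding codes and the list-of-ranges input for the router table are assumptions made for this illustration.

```python
import ipaddress
import re

def parse_conf(text):
    """Parse vsftpd.conf 'key=value' lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def parse_227(reply):
    """Decode '227 ... (h1,h2,h3,h4,p1,p2)' into (ip, port), port = p1*256 + p2."""
    m = re.search(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)", reply)
    if not m:
        raise ValueError("not a 227 passive-mode reply")
    n = [int(x) for x in m.groups()]
    return ".".join(str(x) for x in n[:4]), n[4] * 256 + n[5]

def audit_passive(conf, forwards):
    """Return finding codes for passive FTP behind a NAT router.
    forwards: (start, end) TCP port ranges the router forwards (assumed input)."""
    findings = []
    lo = int(conf.get("pasv_min_port", 0))   # 0 is the vsftpd default: any port
    hi = int(conf.get("pasv_max_port", 0))
    if lo == 0 or hi == 0:
        findings.append("UNBOUNDED_RANGE")       # no fixed range to forward
    elif lo > hi:
        findings.append("INVERTED_RANGE")
    else:
        if lo < 1024:
            findings.append("PRIVILEGED_PORTS")  # range dips below port 1024
        if not any(s <= lo and hi <= e for s, e in forwards):
            findings.append("RANGE_NOT_FORWARDED")
    if "pasv_address" not in conf:
        findings.append("NO_PASV_ADDRESS")       # 227 may advertise the LAN address
    return findings

def data_channel_reachable(reply, forwards):
    """True if the address in a 227 reply is public and its port is forwarded."""
    ip, port = parse_227(reply)
    return ipaddress.ip_address(ip).is_global and any(
        s <= port <= e for s, e in forwards)

# Constructed from the thread: passive settings of post #9, router table of post #7.
FINAL_CONF = parse_conf("listen_port=21\npasv_min_port=1022\npasv_max_port=1024\n#pasv_enable=NO")
ROUTER_FORWARDS = [(20, 20), (21, 21)]
```

Calling `audit_passive(FINAL_CONF, ROUTER_FORWARDS)` reports the range as privileged and not forwarded, and `parse_227` on the `ls` reply from post #1 gives data port 60156, which no rule in the posted router table covers.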