[sllug-members]: FTP Problems

Adam Barrett dragen at gmail.com
Tue Aug 22 12:27:04 MDT 2006 

I am not running any firewall on this server.

I have tried both passive and not... still no better.

On 8/22/06, Corey Edwards <tensai at zmonkey.org> wrote:
> On Tue, 2006-08-22 at 09:25 -0600, Adam Barrett wrote:
> > Hey all!
> >
> > I am running SuSE 10.0, with Lampp/Xampp, with Proftp as the server.
> >
> > When people connect they are validating all right, but then the server
> > is failing to make connections/sockets, I can't even get directory
> > info.
> >
> > When I login locally and do a loopback to the FTP it works fine, also
> > from inside my own network (any machine) I am able to connect just
> > fine.
>
> It sounds like the classic Active vs. Passive issue. FTP uses two ports.
> Port 21 is used for control traffic. It is opened by the client. With
> active data transfers, the client opens a listen port, tells the server
> what the port is and the server opens a return connection to the client.
> That happens for every file that is sent. You can probably see how a
> firewall would get in the way. Generally it's a firewall problem on the
> client side.
>
> The other option is passive ftp where instead of the server connecting
> back to the client, the client opens a second connection to the server
> for the data transfer.
>
> Check and see whether your client is using active or passive ftp. Most,
> if not all, ftp clients now try passive by default because of all the
> firewall and NAT problems we now have.
>
> Make sure you don't have too strict of a firewall on your server. It
> needs to allow inbound connections on port 20 for passive transfers to
> work. It also needs to be able to open outgoing connections from port 20
> for active transfers.
>
> Now would also be a good time to become familiar with tcpdump if you're
> not already. Here's a couple you could try.
>
>         # tcpdump -np -s 1500 port 20 or port 21
>         # tcpdump -np -s 1500 host <client ip>
>
> Corey
>
>
>
> ______________________________________________________________________
> See http://www.sllug.org/ for latest SLLUG news, information, links.
> Join SLLUG and other UT LUG members on irc.FreeNode.net channel #Utah
> sllug-members at sllug.org
> http://www.sllug.org/cgi-bin/mailman/listinfo/sllug-members
>
>
>
>


-- 
Adam Barrett
dragen at gmail.com

More information about the sllug-members mailing list