Hopefully you can help me out. I've had this same problem since i
started using proftpd. Anybody outside my router, can only hit my ftp
site with internet explorer. Any gecko based browser doesn't work from
outside. (inside my network, they work fine) The browser
(netscape/mozilla) will give a "connection refused" error. I can see
the client hit my box while running proftpd in debug mode. I use the
non-inetd option because I like to be able to turn it on or off at my
discretion. In the router have forwarded ports 20 and 21 to my mandrake
box. I'm including the text of my debug error messages. I'm using
"passive mode" but it seems to me if IE works, then why can't netscape?
In fact IE will work even from win4lin.
(note: I replace the last two digits of my buddy's IP with "**" to
protect his privacy)
proftpd -n -d2
localhost.localdomain - ProFTPD 1.2.5rc1 (release) (built Fri Feb 22
12:25:28 EST 2002) standalone mode STARTUP
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - FTP session
opened.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - ANON
anonymous: Login successful.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - Preparing to
chroot() the environment, path = '/mnt/win_c2'
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - Environment
successfully chroot()ed.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - Linuxprivs:
capabilities '= cap_net_bind_service+ep'.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - Entering
Passive Mode (192,168,1,101,131,8).
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - FTP session
opened.
That's as far as it gets. User gets "connection refused error" then
proftpd reports following:
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - FTP no
transfer timeout, disconnected.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - FTP no
transfer timeout, disconnected.
Now with IE from same user on a windows machine in his network (he also
has a linksys router BEFSR41)
proftpd -n -d2
localhost.localdomain - ProFTPD 1.2.5rc1 (release) (built Fri Feb 22
12:25:28 EST 2002) standalone mode STARTUP
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - FTP session
opened.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - ANON
anonymous: Login successful.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - Preparing to
chroot() the environment, path = '/mnt/win_c2'
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - Environment
successfully chroot()ed.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - Linuxprivs:
capabilities '= cap_net_bind_service+ep'.
localhost.localdomain
(adsl-65-66-148-**.dsl.kscymo.swbell.net[65.66.148.**]) - Transfer
completed: 7160127 bytes in 163.07 seconds.
Notice he downloaded a file from me
I notice there's no "passive mode" message with the IE browser. Is
there a way to "trick" netscape/mozilla to using a different method?
Here's my configs:
proftpd.conf
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "ProFTPD Default Installation"
ServerType standalone
DefaultServer on
# Allow FTP resuming.
# Remember to set to off if you have an incoming ftp for upload.
AllowStoreRestart on
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Normally, we want files to be overwriteable.
<Directory /*>
AllowOverwrite on
</Directory>
# Needed for NIS.
PersistentPasswd off
# Default root can be used to put users in a chroot environment.
# As an example if you have a user foo and you want to put foo in /home/foo
# chroot environment you would do this:
#
# DefaultRoot /home/foo foo
Include /etc/proftpd-anonymous.conf
And proftp-anonymous.conf
# A basic anonymous configuration, no upload directories.
<Anonymous /mnt/win_c2/>
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Limit the maximum number of anonymous logins
MaxClients 10
# Don't make it require a valid password or shell.
RequireValidShell off
AnonRequirePassword off
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
#DisplayLogin welcome.msg
#DisplayFirstChdir .message
# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
There's the info. Thanks in advance to any suggestions you send me.
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
