(linux-br)Proftpd conecta mas =?iso-8859-1?q?n=E3o_permite?=listar

Fri, 14 Jan 2005 10:31:08 -0800 

Caros Amigos,

Uso Conectiva Linux Servidor 10.
Instalei com os seguintes servi�os:

a) Servidor www (httpd) em http://mbtec.no-ip.org:1313
b) Servidor de ftp(proftpd) em ftp://mbtec.no-ip.org:2222
c) Servidor de email (postfix)

Utilizou ADSL Brasiltelecom IP Din�mico.
Cadastrei em www.no-ip.com e utilizo como servidor web no endere�o:

O problema est� no servi�o de FTP. Os clientes conectam (controlo a entrada
no servidor pelo comando ftptop), mas n�o conseguem listar as pastas. Ocorre o 
erro:

 200 Type set to A
500 illegal port
500 LPRT not understood

Agrade�o a aten��o e aux�lio.

Seguem arquivos de configura��o para eventuais consultas a resposta.

***************************************
Lista de pastas do /srv com as permiss�es.
****************************************
# ls -l /srv

 total 28
drwxr-xr-x 6 root root 4096 2005-01-06 18:39 cvs
drwxrwxrwx 8 nobody nobody 4096 2005-01-10 16:33 ftp
drwx------ 2 root root 16384 2005-01-06 18:10 lost+found
drwxr-xr-x 3 root root 4096 2005-01-06 18:38 www

Pastas do /srv
anonymous bin etc incoming lib pub teste

# ls -l
total 28
drwxrwxrwx 2 ftp ftp 4096 2005-01-10 23:16 anonymous
d--x--x--x 2 root root 4096 2005-01-07 13:31 bin
d--x--x--x 2 root root 4096 2005-01-07 13:31 etc
drwxrwxrwx 2 ftp ftp 4096 2005-01-10 23:16 incoming
drwxr-xr-x 2 root root 4096 2005-01-07 13:31 lib
drwxr-sr-x 2 root ftp 4096 2004-05-01 14:05 pub
-rw-r--r-- 1 ftp ftp 72 2005-01-07 14:21 teste

*********************************
CONFIGURA��O DO PROFTPD
*********************************
/etc/proftpd.conf
ServerName "ProFTPD - Default Instalation"
ServerType standalone
DefaultServer on
ScoreboardFile /var/run/proftpd/scoreboard
DeferWelcome on
ServerAdmin [EMAIL PROTECTED]
SyslogFacility AUTH
Port 2222
Umask 022
MaxInstances 30
DefaultRoot ~
User ftp
Group ftp
Directory /*>
AllowOverwrite no
</Directory>
<Anonymous /srv/ftp/anonymous>
User ftp
Group ftp
DirFakeUser on ftp
DirFakeGroup on ftp
RequireValidShell off
UserAlias anonymous ftp
MaxClients 10 "Sorry, max %m users -- try again later"
MaxClientsPerHost 2 "Muitas conex�es simult�neas - Tente mais tarde"
DisplayLogin welcome.msg
DisplayFirstChdir .message
AccessGrantMsg "Anonymous access granted for %u."
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
<Directory /srv/ftp/incoming>
Umask 022 022
<Limit READ WRITE>
DenyAll
</Limit>
<Limit STOR>
AllowAll
</Limit>
GroupOwner ftp
UserOwner ftp
</Directory>
</Anonymous>

***************************
/etc/services
***************************
ftp-data 2121/tcp # File Transfer [Default Data]
ftp-data 2121/udp
ftp 2222/udp # File Transfer [Control]
ftp 2222/tcp

***************************
/etc/resolv.conf
***************************
search imagembureau.com.br
nameserver 200.193.65.26
nameserver 200.193.65.1
nameserver 192.168.0.1

***************************
/etc/hosts
****************************
127.0.0.1 localhost.localdomain localhost
192.168.0.1 roteador.imagembureau.com.br roteador

***************************
/etc/sysconfig/networks
***************************
NETWORKING=yes
HOSTNAME=roteador.imagembureau.com.br

***************************
/etc/hosts.conf
***************************
order hosts,bind
multi on

***************************
/etc/sysconfig/network-scripts/ifcfg-eth0
****************************
GATEWAY=192.168.7.105
BOOTPROTO=none
HOSTNAME=roteador
DEVICE=eth0
NETMASK=255.255.255.248
IPADDR=192.168.7.106
NETWORK=192.168.7.104
ONBOOT=yes
DOMAIN=imagembureau.com.br

***************************
/etc/sysconfig/network-scripts/ifcfg-eth1
***************************
BOOTPROTO=none
HOSTNAME=roteador
DEVICE=eth1
NETMASK=255.255.255.0
IPADDR=192.168.0.1
NETWORK=192.168.0.0
ONBOOT=yes
DOMAIN=imagembureau.com.br

***************************
CONFIGURA��O DO DNS
***************************
/var/named/var/named/named.hosts
$TTL 43200
imagembureau.com.br. IN SOA roteador.imagembureau.com.br. 
root.imagembureau.com

2005011000 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

; SERVIDOR DE REDE LOCAL
localhost IN A 127.0.0.1

; SERVIDOR DE DNS PRIMARIO
imagembureau.com.br. IN NS roteador.imagembureau.com.br.
imagembureau.com.br. IN A 192.168.0.1

; SERVIDOR DE EMAIL PRIMARIO
imagembureau.com.br. IN MX 0 roteador.imagembureau.com.br.

; OUTROS SERVIDORES
mail.imagembureau.com.br. IN CNAME roteador.imagembureau.com.br.
pop.imagembureau.com.br. IN CNAME roteador.imagembureau.com.br.
ftp.imagembureau.com.br. IN CNAME roteador.imagembureau.com.br.
www.imagembureau.com.br. IN CNAME roteador.imagembureau.com.br.

; CLIENTES
maq10.imagembureau.com.br. IN A 192.168.0.10
maq11.imagembureau.com.br. IN A 192.168.0.11
maq12.imagembureau.com.br. IN A 192.168.0.12
maq13.imagembureau.com.br. IN A 192.168.0.13
maq14.imagembureau.com.br. IN A 192.168.0.14
maq15.imagembureau.com.br. IN A 192.168.0.15
maq20.imagembureau.com.br. IN A 192.168.0.20
maq21.imagembureau.com.br. IN A 192.168.0.21
maq22.imagembureau.com.br. IN A 192.168.0.22
maq23.imagembureau.com.br. IN A 192.168.0.23
maq24.imagembureau.com.br. IN A 192.168.0.24
maq25.imagembureau.com.br. IN A 192.168.0.25
maq30.imagembureau.com.br. IN A 192.168.0.30
maq31.imagembureau.com.br. IN A 192.168.0.31
maq32.imagembureau.com.br. IN A 192.168.0.32
maq33.imagembureau.com.br. IN A 192.168.0.33
maq34.imagembureau.com.br. IN A 192.168.0.34
maq35.imagembureau.com.br. IN A 192.168.0.35

***************************
/var/named/var/named/named.rev
***************************
$TTL 43200
0.168.192.in-addr.arpa. IN SOA roteador.imagembureau.com.br.
root.imagembureau.com

2005011000
3H
15M
1H
1D )

0.168.192.in-addr.arpa. IN NS roteador.imagembureau.com.br.

; SERVIDOR DNS
1.0.168.192.in-addr.arpa. IN PTR roteador.imagembureau.com.br.

; OUTROS SERVIDORES
1.0.168.192.in-addr.arpa. IN PTR ftp.imagembureau.com.br.
1.0.168.192.in-addr.arpa. IN PTR www.imagembureau.com.br.
1.0.168.192.in-addr.arpa. IN PTR mail.imagembureau.com.br..
1.0.168.192.in-addr.arpa. IN PTR pop.imagembureau.com.br.

***************************
/var/named/var/named/named.local
***************************

$TTL 43200

@ IN SOA roteador.imagembureau.com.br. root.imagembureau.com.br. (

2005011000 ; Serial
3H ; Refresh
15M ; Retry
1H ; Expire
1D ) ; Minimum

IN NS roteador.imagembureau.com.br.
;loopback
1 IN PTR localhost.

***************************
/var/named/var/named/named.conf
****************************
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
dump-file "/var/named/dump/named_dump.db";
statistics-file "/var/named/dump/named.stats";
memstatistics-file "/var/named/dump/named.memstats";
 // remove this next line if you want named to listen on
// all available interfaces, or adjust add new ones as
// you see fit
//listen-on { 127.0.0.1/32; };
listen-on { any; };
};
//
// a caching only nameserver config
//

zone "." {
type hint;
file "named.ca";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};

zone "imagembureau.com.br" {
type master;
file "/var/named/named.hosts";
};

zone "0.168.192.in-addr.arpa" {
type master;
file "/var/named/named.rev";
};

***************************
/etc/rc.d/init.d/iptables
***************************
#! /bin/sh
# description: Inicializa��o do iptables
# chkconfig: 2345 80 30
# processname: iptables
# pidfile: /var/run/iptabless.pid
. /etc/rc.d/init.d/functions
. /etc/sysconfig/network
 if [ ${NETWORKING} = "no" ]
then
exit 0
 fi
case "$1" in
start)
 gprintf "Iniciando o Firewall com %s: " "IPtables"
echo
echo 1 > /proc/sys/net/ipv4/ip_forward
/usr/sbin/iptables -A FORWARD -i eth1 -o eth0 -m state --state
ESTABLISHED,RELATED -j
/usr/sbin/iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
/usr/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
/usr/sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state
ESTABLISHED,RELATED -j A
/usr/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
/usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
;;
stop)
gprintf "Parando o servi�o de %s: " "IPtables"
echo
/usr/sbin/iptables -F
;;
*)
gprintf "Firewall com Iptables... Digite : iptables (start|stop)"
echo
;;
esac
exit 0

***************************
/etc/squid/squid.conf
***************************
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 1313
acl Safe_ports port 21 20 2121 2120 2222
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl rede_interna src 192.168.0.1-192.168.0.100

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow rede_interna
http_access deny all
http_reply_access allow all

*********************************************
/etc/rc.d/rc.local
*********************************************
[ -f /bin/firstboot.sh ] && sh /bin/firstboot.sh
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/etc/rc.d/init.d/iptables
/etc/rc.d/init.d/noip2
**********************************************


Obrigado.

 M�rio Belolli Jr.
 Suporte em TI
 www.mbtec.com.br
 Tel. (48) 9980-7288
---------------------------------------------------------------------------
Esta lista � patrocinada pela Conectiva S.A. Visite http://www.conectiva.com.br

Arquivo: http://bazar2.conectiva.com.br/mailman/listinfo/linux-br
Regras de utiliza��o da lista: http://linux-br.conectiva.com.br
FAQ: http://www.zago.eti.br/menu.html

Responder a