Re: can't connect to ftp server

2004-02-18 Thread Matthew Seaman
On Tue, Feb 17, 2004 at 04:34:04PM -0500, Marty Landman wrote:

 Something related which I'd like to understand Matthew. I don't know what 
 the base install ftpd is as
 
 # /usr/libexec/ftpd -V
 ftpd: illegal option -- V
 ftpd: unknown flag -V ignored
 # /usr/libexec/ftpd -v
 #
 
 However I installed wu-ftpd from the ports yesterday and it's in 
 /usr/local/libexec/ftpd so I changed /etc/inetd.conf accordingly and then 
 did
 
  kill -HUP `cat /var/run/inetd.pid`
 
 and for laughs (or developing the understanding now that navigating unix is 
 similar to driving in New Jersey) I tried ftp'g into my box w/o first 
 (starting) inetd and I got in, and ps -ax showed inetd running as well. Yet 
 I don't see in the man pages for inetd(8) where any of these options imply 
 automatic restart.

There are two ways of running ftpd(8) -- either out of inetd(8) or as a
standalone process.  Some software packages will do one, some will do
the other and several will do both given the correct configuration.

The system ftpd(8) assumes that it is going to be run out of inetd(8)
-- which means that inetd(8) is going to do all the grunt work of
receiving any incoming connection and then fire up ftpd(8) with its
standard in- and outputs already connected to the network socket.  If
you try and start a daemon designed to work with inetd from the
command line, as you showed, it will either sit there waiting for
input on stdin or close down immediately.

Most of the other FTP server ports are intended to run standalone --
that is the ftpd process runs continually and manages all of the
incoming connections to port 21 itself.  Generally running these
daemons from the command line will look as if they just shut down
immediately, but actually what happens is that they 'daemonized'
themselves: i.e. spawn another copy of themselves, which isn't
associated with any terminal (plus various other changes -- see
daemon(3), setsid(2) for details).

You won't be able to run both inetd(8) providing FTP service and a
standalone FTP daemon -- only one process at a time can take control
of the FTP port on your system.  However, most system level programs
like this don't print out error messages on the command line --
rather, they use syslog(3) to write the errors into the system log
files.  However there isn't any obvious notification to you typing at
the console if this sort of thing occurs -- you'll just find that some
process you expected to be running isn't and have to go hunting
through the log files to work out why.

Running ftpd out of inetd is generally appropriate for low-traffic FTP
sites or sites where FTP access is only required occasionally.  A
stand-alone FTPd setup would be more appropriate for a machine tasked
with being a full-time FTP server.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK




Re: can't connect to ftp server

2004-02-17 Thread Wayne Pascoe
On Tue, Feb 17, 2004 at 11:19:10AM -0500, Marty Landman wrote:
 I'm running 4.8 on a lan with sshd, httpd and no known problems except that 
 I can't connect to ftp from another box. The message I get on my ftp client 
 (filezilla) is 'unable to connect'.
 
 Inetd is running and /etc/inetd.conf has
 
 ftp stream  tcp     nowait  root    /usr/libexec/ftpd   ftpd -l
 ftp stream  tcp6    nowait  root    /usr/libexec/ftpd   ftpd -l

Couple of things to check... 

1. Does /usr/libexec/ftpd exist 

2. Is there anything listening on port 21 
   (netstat -an | grep LISTEN | grep 21)

3. Check the contents of /var/log/messages

Hope that helps...

-- 
Wayne Pascoe
A good sysadmin always carries around a few feet of
fiber. If he gets lost, he simply drops the fiber
on the ground, waits 10 minutes and asks the
backhoe operator for directions - Bill Bradford
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: can't connect to ftp server

2004-02-17 Thread Marty Landman
At 11:24 AM 2/17/2004, Wayne Pascoe wrote:
On Tue, Feb 17, 2004 at 11:19:10AM -0500, Marty Landman wrote:

 I can't connect to ftp from another box.

Couple of things to check...

1. Does /usr/libexec/ftpd exist
yes

2. Is there anything listening on port 21
   (netstat -an | grep LISTEN | grep 21)
nope, but tcp4 and tcp46 are listening on port 22; so I just connected that way.

3. Check the contents of /var/log/messages
nothing appears here when I try to connect on port 21 and as said I can 
connect on port 22

Hope that helps...
Well, I know more than before and I can get sftp access to my fbsd box so 
yes. Now I gather the problem is that the machine isn't listening on port 
21; is that supposed to be controlled by inetd? What do I do now?

Marty Landman   Face 2 Interface Inc 845-679-9387
This Month's New Quiz --- Past Superbowl Winners
Make a Website: http://face2interface.com/Home/Demo.shtml


Re: can't connect to ftp server

2004-02-17 Thread Matthew Seaman
On Tue, Feb 17, 2004 at 12:04:51PM -0500, Marty Landman wrote:

 Well, I know more than before and I can get sftp access to my fbsd box so 
 yes. Now I gather the problem is that the machine isn't listening on port 
 21; is that supposed to be controlled by inetd? What do I do now?

Kinda obvious, but is inetd(8) running at all?  If it is running, did
you restart it after editing the configuration file?

To make inetd(8) start automatically on reboots add this to /etc/rc.conf:

inetd_enable=YES

You might want to tweak inetd's runtime flags something like the following:

inetd_flags="-wWl -R 1024 -c 128"

which makes inetd log every connection to it and imposes some limits
on the number and rate of connections inetd will accept.

In order to make inetd(8) reread its config file:

# kill -HUP `cat /var/run/inetd.pid`

You should now see something listening on port 21 -- if you still
can't connect by FTP, double check your firewall rules (remember that
FTP uses both ports 20 and 21) and /etc/hosts.allow.

Cheers,

Matthew


-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK




Re: can't connect to ftp server

2004-02-17 Thread Marty Landman
At 01:25 PM 2/17/2004, Matthew Seaman wrote:

Kinda obvious, but is inetd(8) running at all?
# ps -ax | fgrep inetd
20482  ??  Is 0:00.01 inetd start
If it is running, did you restart it after editing the configuration file?
yes

To make inetd(8) start automatically on reboots add this to /etc/rc.conf:

inetd_enable=YES
# cat /etc/rc.conf | fgrep inetd
inetd_enable=YES
You might want to tweak inetd's runtime flags something like the following:

inetd_flags="-wWl -R 1024 -c 128"
pretty generous for my little office, did it

In order to make inetd(8) reread its config file:

# kill -HUP `cat /var/run/inetd.pid`
ok

You should now see something listening on port 21
No. But I do see this on /var/log/messages

inetd[20482]: start: No such file or directory

I assumed it was running because it showed up in top and ps -ax, but I 
guess it really didn't because of this failure on attempting to start?

Yet I can ssh into the box, and sftp in too. None of which shows on the 
/var/log/messages -- I guess because inetd isn't running; now I can see 
sshd and sftp-server running on `top`.

if you still can't connect by FTP, double check your firewall rules 
(remember that FTP uses both ports 20 and 21) and /etc/hosts.allow.
# cat /etc/rc.conf|fgrep secure
kern_securelevel_enable=NO
# cat /etc/rc.conf | fgrep firewall
firewall_enable=no
# cat /etc/hosts.allow | fgrep ftp
# Provide a small amount of protection for ftpd
ftpd : localhost : allow
ftpd : .nice.guy.example.com : allow
ftpd : .evil.cracker.example.com : deny
ftpd : ALL : allow
So does the problem appear to be that inetd isn't able to start? Why is it 
that I get so totally lost before finding out where I'm going? :)

Marty Landman   Face 2 Interface Inc 845-679-9387
This Month's New Quiz --- Past Superbowl Winners
Make a Website: http://face2interface.com/Home/Demo.shtml


Re: can't connect to ftp server

2004-02-17 Thread Matthew Seaman
On Tue, Feb 17, 2004 at 02:48:14PM -0500, Marty Landman wrote:
 At 01:25 PM 2/17/2004, Matthew Seaman wrote:
 
 Kinda obvious, but is inetd(8) running at all?
 
 # ps -ax | fgrep inetd
 20482  ??  Is 0:00.01 inetd start

Right -- this is where the problem is.  inetd(8) doesn't understand
'start' as a command line argument.  It's not like the startup scripts
in /usr/local/etc/rc.d -- those are wrappers that start the required
processes themselves, whereas inetd /is/ the required process itself.

Try this:

# kill 20482
# /usr/sbin/inetd -wWl -R 1024 -c 128

Then you should find your ftp service working OK.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK




Re: can't connect to ftp server

2004-02-17 Thread matthew


On Tue, 17 Feb 2004, Marty Landman wrote:

 At 01:25 PM 2/17/2004, Matthew Seaman wrote:

 Kinda obvious, but is inetd(8) running at all?

 # ps -ax | fgrep inetd
 20482  ??  Is 0:00.01 inetd start

 If it is running, did you restart it after editing the configuration file?

 yes

 To make inetd(8) start automatically on reboots add this to /etc/rc.conf:
 
  inetd_enable=YES

 # cat /etc/rc.conf | fgrep inetd
 inetd_enable=YES

 You might want to tweak inetd's runtime flags something like the following:
 
  inetd_flags="-wWl -R 1024 -c 128"

 pretty generous for my little office, did it

 In order to make inetd(8) reread its config file:
 
  # kill -HUP `cat /var/run/inetd.pid`

 ok

 You should now see something listening on port 21

 No. But I do see this on /var/log/messages

 inetd[20482]: start: No such file or directory


killall -9 inetd

inetd

telnet 0 21

there is nothing more to it. all as root.

m


 I assumed it was running because it showed up in top and ps -ax, but I
 guess it really didn't because of this failure on attempting to start?

 Yet I can ssh into the box, and sftp in too. None of which shows on the
 /var/log/messages -- I guess because inetd isn't running; now I can see
 sshd and sftp-server running on `top`.

 if you still can't connect by FTP, double check your firewall rules
 (remember that FTP uses both ports 20 and 21) and /etc/hosts.allow.

 # cat /etc/rc.conf|fgrep secure
 kern_securelevel_enable=NO
 # cat /etc/rc.conf | fgrep firewall
 firewall_enable=no

 # cat /etc/hosts.allow | fgrep ftp
 # Provide a small amount of protection for ftpd
 ftpd : localhost : allow
 ftpd : .nice.guy.example.com : allow
 ftpd : .evil.cracker.example.com : deny
 ftpd : ALL : allow


 So does the problem appear to be that inetd isn't able to start? Why is it
 that I get so totally lost before finding out where I'm going? :)

 Marty Landman   Face 2 Interface Inc 845-679-9387
 This Month's New Quiz --- Past Superbowl Winners
 Make a Website: http://face2interface.com/Home/Demo.shtml



Re: can't connect to ftp server

2004-02-17 Thread Marty Landman
At 03:27 PM 2/17/2004, Matthew Seaman wrote:
On Tue, Feb 17, 2004 at 02:48:14PM -0500, Marty Landman wrote:

 # ps -ax | fgrep inetd
 20482  ??  Is 0:00.01 inetd start
Right -- this is where the problem is.  inetd(8) doesn't understand 
'start' as a command line argument.  It's not like the startup scripts in 
/usr/local/etc/rc.d -- those are wrappers that start the required 
processes themselves, whereas inetd /is/ the required process itself.

Try this:

# kill 20482
# /usr/sbin/inetd -wWl -R 1024 -c 128
Yep.

Something related which I'd like to understand Matthew. I don't know what 
the base install ftpd is as

# /usr/libexec/ftpd -V
ftpd: illegal option -- V
ftpd: unknown flag -V ignored
# /usr/libexec/ftpd -v
#
However I installed wu-ftpd from the ports yesterday and it's in 
/usr/local/libexec/ftpd so I changed /etc/inetd.conf accordingly and then did

 kill -HUP `cat /var/run/inetd.pid`

and for laughs (or developing the understanding now that navigating unix is 
similar to driving in New Jersey) I tried ftp'g into my box w/o first 
(starting) inetd and I got in, and ps -ax showed inetd running as well. Yet 
I don't see in the man pages for inetd(8) where any of these options imply 
automatic restart.

Anyhow thanks much. On to my next bonehead problem.

Marty Landman   Face 2 Interface Inc 845-679-9387
This Month's New Quiz --- Past Superbowl Winners
Make a Website: http://face2interface.com/Home/Demo.shtml