Re: [Fail2ban-users] ProFtpd DROP net-fw TLS connection from client ftp

Wed, 09 Aug 2017 01:58:14 -0700 

Hi,

There is a big difference between sftp (SSH file transfer) and ftps (FTP
over SSL).

For SFTP, port 115 seems to be reserved (but I believe most ssh
implementations just use the ssh port (22) for this).
For FTPS, ports 989 (data) and 990 are reserved. It depends on what you
configured in proftpd, maybe it can do both protocols.

The commmand "sudo netstat -tunlp | grep -i proftp" will show you on
which ports your running instance of proftpd is listening. Then decide
which ports you need to open in your firewall.

Anyway, this is no fail2ban question :)

Good luck,

        Tom Hendrikx

On 09-08-17 10:16, Davide Marchi wrote:
> Il 2017-08-08 21:55 Bill Shirley ha scritto:
>> Looks like you haven't opened up sftp(port 115) in Shorewall.  Post on
>> the
>> shorewall-us...@lists.sourceforge.net list.  Tom Eastep is very helpful.
> 
> 
> I've open the 115 port both with Shorewall and PROFTPD (and restart),
> but with no luck.
> Now I open a post to Shorewall-users!
> 
> 
>>
>> If it were fail2ban blocking traffic, you would see it in the log file.
>>
> 
> 
> Yes I know, but I had the fear of not having read well all the logs..
> 
> 
>> Note if you're not using fail2ban with ipsets actions instead of
>> iptables, you're
>> going to run into problems if you do a 'shorewall restart'.  It will
>> clear your bans.
>>
> 
> 
> I think I'm right in this situation! Obviously I would like to switch to
> Ipsets mode now that you warned me of the danger (and thank you very
> much for that!)
> Could you give me some documentation link to deepen the topic?
> 
> 
>> If you still think the problem could be fail2ban, post your config,
>> action, and log
>> files.
>>
>> Billlists.sourceforge.net/lists/listinfo/fail2ban-users
> 
> 
> 
> 
> Many thanks Bill!
> 
> ------------------------------------------------------------------------------
> 
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to