On Fri, August 14, 2009 12:54 pm, Daniel Pittman wrote:
> "Voytek Eymont" <[email protected]> writes:

Daniel, thanks

> So, when the user tries to connect, what state are the relevant sockets
> at the client and server end?  My guess is the client is trying to connect
> to the server, but the server firewall is blocking the (passive FTP)
> connection.

how to assess, netstat --?


>> Command:    PORT 192,168,97,49,226,65
>> Response:    500 Illegal PORT command
>>
>
> That isn't a good start: the client asked the server to connect to a
> private IP address (192.168.97.49) with active FTP.  Behind NAT like that
> the client should either improve their firewall, or disable active FTP
> entirely.

server has like:
/etc/sysconfig/iptables
...
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT


...


>
>> Command:    PASV
>> Response:    227 Entering Passive Mode (116,197,145,51,175,75).
>>
>
> At this point the server *should* be expecting a connection from the
> client, on TCP/44875, but I bet the firewall isn't letting that through.
>
> Check your firewall logs first, to see if you have a record of blocking
> that connection or not.


what log to look at?

I see this in messages:


Aug 19 09:55:34 proftpd[3851]: bilby (::ffff:121.217.999.999[::ffff:121.217.231.228]) - FTP session opened.
Aug 19 09:55:34 proftpd(pam_unix)[3851]: session opened for user xxxxxx by (uid=0)
Aug 18 18:55:34 proftpd[3851]: bilby (::ffff:121.217.999.999[::ffff:121.217.231.228]) - Preparing to chroot to directory '/home/xxxxxx'




-- 
Voytek

-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
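
An added example, not part of the messages above: it decodes the h1,h2,h3,h4,p1,p2 tuples from the PORT command and the 227 reply quoted in the thread, and checks the resulting port against the --dport rules visible in the posted ruleset. The function names are illustrative, and the rules elided with "..." in the message are not covered.

```python
import ipaddress
import re

# h1,h2,h3,h4,p1,p2 as used by the PORT command and the 227 PASV reply
TUPLE_RE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
DPORT_RE = re.compile(r"--dport\s+(\d+)(?::(\d+))?")

# Only the rules visible in the message; the elided ("...") ones are unknown
RULES = [
    "-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT",
    "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT",
    "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT",
    "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT",
    "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT",
    "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT",
]

def decode_endpoint(line):
    """Return (IPv4Address, port) from a PORT command or a 227 reply."""
    m = TUPLE_RE.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in %r" % line)
    parts = [int(x) for x in m.groups()]
    if any(p > 255 for p in parts):
        raise ValueError("byte out of range in %r" % line)
    ip = ipaddress.IPv4Address(".".join(str(p) for p in parts[:4]))
    return ip, parts[4] * 256 + parts[5]  # port = p1 * 256 + p2

def port_opened_by_rules(port, rules):
    """True if an ACCEPT rule with --dport (single port or lo:hi) covers port."""
    for rule in rules:
        if "-j ACCEPT" not in rule:
            continue
        m = DPORT_RE.search(rule)
        if m:
            lo = int(m.group(1))
            hi = int(m.group(2) or lo)
            if lo <= port <= hi:
                return True
    return False

if __name__ == "__main__":
    for line in ("PORT 192,168,97,49,226,65",
                 "227 Entering Passive Mode (116,197,145,51,175,75)."):
        ip, port = decode_endpoint(line)
        scope = "private" if ip.is_private else "public"
        opened = port_opened_by_rules(port, RULES)
        print("%s:%d (%s) explicit --dport ACCEPT: %s" % (ip, port, scope, opened))
```

With no explicit --dport rule for the passive port, the data connection has to be accepted by the ESTABLISHED,RELATED rule, which matches FTP data connections only when the kernel's FTP connection-tracking helper is loaded.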
