Navigation

IzFazt · #1 17th July 2009, 23:18

pure-ftpd (followed howto install for centos) generates this in with PASV off and a hanging loop passive mode, see data below? Any ideas?

PASV on:

Quote:

Connecting to jl-websites.discounthost.biz on port 121. Attempt 1 of 3...
220---------- Welcome to Pure-FTPd [TLS ----------
220-You are user number 2 of 5 allowed.
220-Local time is now 00:10. Server port: 121.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
USER leppers001
331 User leppers001 OK. Password required
PASS *****
230-User leppers001 has group access to: client4
230 OK. Current restricted directory is /
SYST
215 UNIX Type: L8
Server Type: UNIX (standard)
FEAT
211-Extensions supported:
EPRT
IDLE
MDTM
SIZE
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNI X.gid*;unique*;
MLSD
ESTP
PASV
EPSV
SPSV
ESTA
AUTH TLS
PBSZ
PROT
UTF8
211 End.
PWD
257 "/" is your current location
TYPE A
200 TYPE is now ASCII
PASV
227 Entering Passive Mode (192,168,1,4,164,25)
Operation timed out
Processing item, attempt 2...
PASV
227 Entering Passive Mode (192,168,1,4,164,22)
Operation timed out
Processing item, attempt 3...
PASV
227 Entering Passive Mode (192,168,1,4,164,24)
Operation timed out
Failed timed out
PASV
227 Entering Passive Mode (192,168,1,4,164,23)
Operation timed out
Processing item, attempt 2...
PASV
227 Entering Passive Mode (192,168,1,4,164,18)
Operation timed out
Processing item, attempt 3...
PASV
227 Entering Passive Mode (192,168,1,4,164,21)
Operation timed out
Failed timed out
PASV
227 Entering Passive Mode (192,168,1,4,164,19)
Operation timed out
Processing item, attempt 2...
PASV
227 Entering Passive Mode (192,168,1,4,164,21)
Operation timed out
Processing item, attempt 3...
PASV
227 Entering Passive Mode (192,168,1,4,164,17)
Operation timed out
Failed timed out
PASV
227 Entering Passive Mode (192,168,1,4,164,17)
Operation timed out
Processing item, attempt 2...
PASV
227 Entering Passive Mode (192,168,1,4,164,16)

PASV off:

Quote:

Connecting to jl-websites.discounthost.biz on port 121. Attempt 1 of 3...
220---------- Welcome to Pure-FTPd [TLS ----------
220-You are user number 1 of 5 allowed.
220-Local time is now 00:48. Server port: 121.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
USER leppers001
331 User leppers001 OK. Password required
PASS *****
230-User leppers001 has group access to: client4
230 OK. Current restricted directory is /
Server Type: UNIX (standard)
FEAT
211-Extensions supported:
EPRT
IDLE
MDTM
SIZE
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNI X.gid*;unique*;
MLSD
ESTP
PASV
EPSV
SPSV
ESTA
AUTH TLS
PBSZ
PROT
UTF8
211 End.
PWD
257 "/" is your current location
TYPE A
200 TYPE is now ASCII
PORT 192,168,1,101,242,84
500 I won't open a connection to 192.168.1.101 (only to 83.87.8.129)
Unable to open data socket
Processing item, attempt 2...
PORT 192,168,1,101,242,85
500 I won't open a connection to 192.168.1.101 (only to 83.87.8.129)
Unable to open data socket
Processing item, attempt 3...
PORT 192,168,1,101,242,86
500 I won't open a connection to 192.168.1.101 (only to 83.87.8.129)
Unable to open data socket
Failed to open data socket
PORT 192,168,1,101,242,87
500 I won't open a connection to 192.168.1.101 (only to 83.87.8.129)
Unable to open data socket
Processing item, attempt 2...
PORT 192,168,1,101,242,88
500 I won't open a connection to 192.168.1.101 (only to 83.87.8.129)
Unable to open data socket
Processing item, attempt 3...
PORT 192,168,1,101,242,89
500 I won't open a connection to 192.168.1.101 (only to 83.87.8.129)
Unable to open data socket
Failed to open data socket
PORT 192,168,1,101,242,90

falko · #2 18th July 2009, 11:13

This is probably a firewall problem.

IzFazt · #3 18th July 2009, 14:50

ok, which firewall are you referring to? The user tested on more then one occasion with his firewall off and the same result. The system is using the ISP firewall and ports 120,121, 42000 tot 42010 are open, portforwarding is set correctly and of course in pure-ftpd.conf 42000 to 42010 is PassivePortsRange. FTP server was restarted more then once and just to be sure reboot also done. The result does not change. Could you be a bit more specific and explain what else there is that can cause a firewall problem ?

till · #4 19th July 2009, 13:12

Please post the output of:

netstat -tap

and

iptables -L

IzFazt · #5 20th July 2009, 02:59

ok, here they are

Quote:

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdomain:10024 *:* LISTEN 2400/amavisd (maste
tcp 0 0 localhost.localdomain:10025 *:* LISTEN 2490/master
tcp 0 0 *:mysql *:* LISTEN 2326/mysqld
tcp 0 0 *:fcp-udp *:* LISTEN 1900/rpc.statd
tcp 0 0 localhost.local:dyna-access *:* LISTEN 2230/clamd
tcp 0 0 *:sunrpc *:* LISTEN 1859/portmap
tcp 0 0 server1.discounthost:domain *:* LISTEN 2356/mydns
tcp 0 0 localhost.localdomai:domain *:* LISTEN 2356/mydns
tcp 0 0 localhost.localdomain:ipp *:* LISTEN 2215/cupsd
tcp 0 0 *:erpc *:* LISTEN 32229/pure-ftpd (SE
tcp 0 0 *:smtp *:* LISTEN 1613/smtpd
tcp 0 0 localhost.localdomain:41053 localhost.localdomai:domain TIME_WAIT -
tcp 0 0 localhost.localdomain:33405 localhost.localdomain:http TIME_WAIT -
tcp 0 0 *:imaps *:* LISTEN 2418/couriertcpd
tcp 0 0 *

op3s *:* LISTEN 2430/couriertcpd
tcp 0 0 *

op3 *:* LISTEN 2424/couriertcpd
tcp 0 0 *:imap *:* LISTEN 2411/couriertcpd
tcp 0 0 *:http *:* LISTEN 2524/httpd
tcp 0 0 *:8085 *:* LISTEN 2524/httpd
tcp 0 0 localhost6.localdoma:domain *:* LISTEN 2356/mydns
tcp 0 0 *:ssh *:* LISTEN 2183/sshd
tcp 0 0 localhost6.localdomain6:ipp *:* LISTEN 2215/cupsd
tcp 0 0 *:erpc *:* LISTEN 32229/pure-ftpd (SE
tcp 0 0 *:https *:* LISTEN 2524/httpd
tcp 0 148 server1.discounthost.bi:ssh ::ffff:192.168.1.:nms-dpnss ESTABLISHED 399/0

Quote:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

falko · #6 20th July 2009, 13:22

What's the output of

Code:

grep erpc /etc/services

?

IzFazt · #7 20th July 2009, 16:16

as requested....

Quote:

erpc 121/tcp # Encore Expedited Remote Pro.Call
erpc 121/udp # Encore Expedited Remote Pro.Call
caerpc 42510/tcp # CA eTrust RPC
caerpc 42510/udp # CA eTrust RPC

falko · #8 21st July 2009, 14:17

Your FTP daemon is listening on port 121 instead of 21...

IzFazt · #9 21st July 2009, 16:35

I know, everything is set for port 121 and not for 21 we have a reason for that, but as you can see in the top of this post, that is not the problem, the problem is the hangs and the loops when logged in on port 121

IzFazt · #10 23rd July 2009, 17:51

Even when Joomla tries to use PASV FTP on the site to delete some cache files somewhere else in its own directory this is the response.

Quote:

* JFTP::login: Unable to login
* JFTP::write: Unable to use passive mode
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::write: Unable to use passive mode
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::write: Unable to use passive mode
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::write: Unable to use passive mode
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::delete: Bad response
* JFTP::delete: Bad response

Navigation

Facebook

News

Recent comments

Newsletter