#1  
Old 16th May 2009, 16:52
clemens clemens is offline
Junior Member
 
Join Date: May 2009
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Question Pure-Ftpd problem

Hi all

got a prob, with pure-ftpd, cant connect to from outside.

User created, and works when connection to ftp from the local machine.

Quote:
Connected to localhost.localdomain.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 16:17. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
Name (localhost:root): xxx.xx
331 User xxx.xx OK. Password required
Password:
230-User xxx.xx has group access to: client4
230 OK. Current restricted directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
150 Connecting to port 45331
drwxr-xr-x 2 5004 client4 4096 May 16 15:23 cgi-bin
lrwxrwxrwx 1 5004 client4 31 May 16 15:23 log -> /var/log/ispconfig/httpd/xxx.xx
drwxr-xr-x 2 5004 client4 4096 May 16 15:23 ssl
drwxrwxrwx 2 5004 client4 4096 May 16 15:23 tmp
drwxr-xr-x 4 5004 client4 4096 May 16 15:23 web
226-Options: -l
226 5 matches total
ftp>
When using a FTP client - thats a no go it seams that it connect but dont come further that resolving the ip and after a while it stops trying to connect.

Did try from a command prompt on a windows, and got the respons connecting and then the connections are cut off.

Did see if the port where open and it was.

Quote:
87.57.xxx.xxx is responding on port 21 (ftp).
a little hint would be really nice.

Thanks in advance
Reply With Quote
Sponsored Links
  #2  
Old 17th May 2009, 15:48
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,461
Thanks: 813
Thanked 5,240 Times in 4,108 Posts
Default

Please post the output of:

netstat -tap

and

iptables -L
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 17th May 2009, 18:32
clemens clemens is offline
Junior Member
 
Join Date: May 2009
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Default

they look like this...

netstat -tap

Quote:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:56929 *:* LISTEN 1614/rpc.statd
tcp 0 0 localhost.localdoma:740 *:* LISTEN 2684/famd
tcp 0 0 localhost.localdo:10024 *:* LISTEN 1848/amavisd (maste
tcp 0 0 localhost.localdo:10025 *:* LISTEN 2638/master
tcp 0 0 *:mysql *:* LISTEN 1912/mysqld
tcp 0 0 localhost.localdo:spamd *:* LISTEN 2022/spamd.pid
tcp 0 0 *:sunrpc *:* LISTEN 1603/portmap
tcp 0 0 *:ftp *:* LISTEN 2652/pure-ftpd (SER
tcp 0 0 192.168.0.120:domain *:* LISTEN 2566/mydns
tcp 0 0 localhost.locald:domain *:* LISTEN 2566/mydns
tcp 0 0 *:ssh *:* LISTEN 1820/sshd
tcp 0 0 *:smtp *:* LISTEN 2638/master
tcp 0 148 192.168.0.120:ssh 87.57.xxx.xx:54944 ESTABLISHED 7898/0
tcp 54 0 localhost.localdo:46997 localhost.localdo:10025 CLOSE_WAIT 2803/amavisd (ch1-a
tcp6 0 0 [::]:imaps [::]:* LISTEN 2543/couriertcpd
tcp6 0 0 [::]op3s [::]:* LISTEN 2561/couriertcpd
tcp6 0 0 [::]op3 [::]:* LISTEN 2549/couriertcpd
tcp6 0 0 [::]:imap2 [::]:* LISTEN 2531/couriertcpd
tcp6 0 0 [::]:http-alt [::]:* LISTEN 2393/apache2
tcp6 0 0 [::]:www [::]:* LISTEN 2393/apache2
tcp6 0 0 [::]:ftp [::]:* LISTEN 2652/pure-ftpd (SER
tcp6 0 0 localhost:domain [::]:* LISTEN 2566/mydns
tcp6 0 0 [::]:ssh [::]:* LISTEN 1820/sshd
tcp6 0 0 [::]:https [::]:* LISTEN 2393/apache2
And iptables -L

Quote:
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
DROP tcp -- anywhere loopback/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- 224.0.0.0/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain PAROLE (12 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:www
PAROLE tcp -- anywhere anywhere tcp dptop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap2
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:mysql
PAROLE tcp -- anywhere anywhere tcp dpt:http-alt
PAROLE tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:mysql
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain PUB_OUT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Reply With Quote
  #4  
Old 18th May 2009, 11:03
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,727 Times in 2,565 Posts
Default

Looks ok. Did you try both active and passive transfers in your FTP client?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 19th May 2009, 09:38
clemens clemens is offline
Junior Member
 
Join Date: May 2009
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Yes, but it dosent matter as im not getting so far as the passive should matter.

Only get to the resolution of the ip for the host and then a disconnect.

And a dos FTP connect would give the result, connection, and after 10 sec host closed connection.
Reply With Quote
  #6  
Old 20th May 2009, 10:45
clemens clemens is offline
Junior Member
 
Join Date: May 2009
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Did a new install from scratch and this time no problem...
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Strange email problem for one of my domains... any help appreciated paulrobert_a Installation/Configuration 5 9th August 2010 14:15
CacheALL email problem no.2 Snowman General 2 2nd August 2007 09:45
saslauthd problem: bind: Address already in use fitti70 Server Operation 4 14th May 2007 21:51
postfix mysql on fedora core5 igongora Installation/Configuration 7 17th April 2007 04:40
SMTP TLS Problem with Mail Client dschmid Installation/Configuration 1 9th December 2005 01:56


All times are GMT +2. The time now is 17:12.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.