#1  
14th June 2012, 12:28
Captain
Senior Member
 
Join Date: Feb 2009
Posts: 285
Thanks: 79
Thanked 7 Times in 6 Posts
Active mode Pure-ftpd doesn't work

Hello!

I have ISPConfig 3 final, Ubuntu 12.04 LTS.
Today I restarted the server (after kernel updates) and now pure-ftpd
doesn't want to work in active mode.
Passive mode works OK.

pure-ftpd start:
Code:
 Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.conf -l pam -H -u 1000 -d -b -Y 1 -A -8 UTF-8 -p 40110:40210 -L 5000:500 -D -O clf:/var/log/pure-ftpd/transfer.log -E -B
Verbose mode:
Code:
Jun 14 13:22:49 in pure-ftpd: (?@12.12.12.12) [INFO] New connection from 12.12.12.12
Jun 14 13:22:49 in pure-ftpd: (?@12.12.12.12) [DEBUG] Command [user] [inf2ftp2]
Jun 14 13:22:49 in pure-ftpd: (?@12.12.12.12) [DEBUG] Command [pass] [<*>]
Jun 14 13:22:49 in pure-ftpd: (?@12.12.12.12) [INFO] inf2ftp2 is now logged in
Jun 14 13:22:49 in pure-ftpd: (inf2ftp2@12.12.12.12) [DEBUG] Command [opts] [UTF8 ON]
Jun 14 13:22:49 in pure-ftpd: (inf2ftp2@12.12.12.12) [DEBUG] Command [pwd] []
Jun 14 13:22:49 in pure-ftpd: (inf2ftp2@12.12.12.12) [DEBUG] Command [type] [I]
Jun 14 13:22:49 in pure-ftpd: (inf2ftp2@12.12.12.12) [DEBUG] Command [port] [12,12,12,12,19,138]
Jun 14 13:22:49 in pure-ftpd: (inf2ftp2@12.12.12.12) [DEBUG] Command [mlsd] []
12.12.12.12 is the client's internal IP.

Thank you.
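The `port` argument in the verbose log above is the RFC 959 form `h1,h2,h3,h4,p1,p2`: the address and TCP port (p1*256 + p2) that the server must connect back to in active mode. As an added example, not part of the original post, this Python audit decodes such entries and flags targets that a firewall or NAT device commonly breaks; the function names and the second session in the sample are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the first session mirrors the log lines in the post,
# the second (peer 198.51.100.7, user demo) is invented to show a mismatch.
SAMPLE_LOG = """\
Jun 14 13:22:49 in pure-ftpd: (?@12.12.12.12) [INFO] New connection from 12.12.12.12
Jun 14 13:22:49 in pure-ftpd: (inf2ftp2@12.12.12.12) [DEBUG] Command [port] [12,12,12,12,19,138]
Jun 14 13:22:49 in pure-ftpd: (inf2ftp2@12.12.12.12) [DEBUG] Command [mlsd] []
Jun 14 13:23:10 in pure-ftpd: (demo@198.51.100.7) [DEBUG] Command [port] [192,168,0,25,200,10]
Jun 14 13:23:10 in pure-ftpd: (demo@198.51.100.7) [DEBUG] Command [list] []
"""

# Matches pure-ftpd verbose lines of the form shown in the post.
PORT_RE = re.compile(
    r"\((?P<user>[^@]*)@(?P<peer>[^)]+)\) \[DEBUG\] "
    r"Command \[port\] \[(?P<arg>[^\]]*)\]"
)

def decode_port_arg(arg):
    """Decode an RFC 959 PORT argument 'h1,h2,h3,h4,p1,p2' to (ip, port)."""
    parts = [int(x) for x in arg.split(",")]
    if len(parts) != 6 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError("malformed PORT argument: %r" % arg)
    return ".".join(str(p) for p in parts[:4]), parts[4] * 256 + parts[5]

def audit_port_commands(log_text):
    """Return one finding per PORT command, with notes on risky targets."""
    findings = []
    for line in log_text.splitlines():
        m = PORT_RE.search(line)
        if not m:
            continue
        try:
            ip, port = decode_port_arg(m["arg"])
        except ValueError:
            findings.append({"peer": m["peer"], "target": None,
                             "notes": ["malformed PORT argument"]})
            continue
        notes = []
        if ip != m["peer"]:
            notes.append("address differs from control-connection peer")
        if ipaddress.ip_address(ip).is_private:
            notes.append("private address, not routable from outside")
        if port < 1024:
            notes.append("privileged port")
        findings.append({"peer": m["peer"], "target": (ip, port), "notes": notes})
    return findings
```

For the session in the post, the decoded target is 12.12.12.12 port 5002, which is the connection the server has to be able to open outbound for the `mlsd` listing to proceed.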
  #2  
15th June 2012, 12:45
falko
Super Moderator

Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts

Looks like a firewall issue. What's the output of
Code:
iptables -L
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
  #3  
15th June 2012, 17:01
Captain

Hello Falko!

Thank you for your reply.
Output:
Code:
root@in:~# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
fail2ban-dovecot-pop3imap  tcp  --  anywhere             anywhere             multiport dports pop3,pop3s,imap2,imaps
fail2ban-pureftpd  tcp  --  anywhere             anywhere             multiport dports ftp
fail2ban-sasl  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
fail2ban-courierauth  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
fail2ban-couriersmtp  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp
fail2ban-postfix  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp
fail2ban-apache-overflows  tcp  --  anywhere             anywhere             multiport dports http,https
fail2ban-apache-noscript  tcp  --  anywhere             anywhere             multiport dports http,https
fail2ban-apache-multiport  tcp  --  anywhere             anywhere             multiport dports http,https
fail2ban-apache  tcp  --  anywhere             anywhere             multiport dports http,https
fail2ban-ssh-ddos  tcp  --  anywhere             anywhere             multiport dports ssh
fail2ban-ssh  tcp  --  anywhere             anywhere             multiport dports ssh
DROP       tcp  --  anywhere             127.0.0.0/8
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  base-address.mcast.net/4  anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain PAROLE (14 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (5 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere             icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:ftp
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:ssh
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:smtp
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:domain
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:http
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:pop3
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:imap2
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:https
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:imaps
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:pop3s
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:ssmtp
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:mysql
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:http-alt
PAROLE     tcp  --  anywhere             anywhere             tcp dpts:40110:40210
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:mysql
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (5 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain fail2ban-apache (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-apache-multiport (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-apache-noscript (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-apache-overflows (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-courierauth (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-couriersmtp (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-dovecot-pop3imap (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-postfix (1 references)
target     prot opt source               destination
DROP       all  --  84-55-108-33.customers.ownit.se  anywhere
DROP       all  --  85-130-25-203.2073795190.shumen.cablebg.net  anywhere
DROP       all  --  c935b135.virtua.com.br  anywhere
RETURN     all  --  anywhere             anywhere

Chain fail2ban-pureftpd (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-sasl (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-ssh (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-ssh-ddos (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
  #4  
16th June 2012, 15:29
falko

Have you tried to disable the firewall for testing purposes?
  #5  
18th June 2012, 12:26
Captain

Yes, I tried turning off the ISPConfig firewall.

But the result is the same.

Iptables after firewall off:
Code:
root@in:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain fail2ban-apache (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-apache-multiport (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-apache-noscript (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-apache-overflows (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-courierauth (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-couriersmtp (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-dovecot-pop3imap (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-postfix (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-pureftpd (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-sasl (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-ssh (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-ssh-ddos (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
  #6  
20th June 2012, 00:00
falko

Are there any firewalls between you and the server (routers, etc.)?
  #7  
20th June 2012, 16:22
Captain

Thank you, Falko, for not forgetting about me.

Yes, we have a MikroTik router.
But everything worked with this router configuration until the server was rebooted.

Firewall config is:

Code:
0   ;;; Ping Allow/Drop
     chain=input action=drop protocol=icmp 

 1   ;;; default configuration
     chain=input action=accept connection-state=established 

 2   ;;; default configuration
     chain=input action=accept connection-state=related 

 4   ;;; Drop  Invalid  connections 
     chain=input action=drop connection-state=invalid 

 5   ;;; Allow  Established  connections
     chain=input action=accept connection-state=established 

 6   ;;; Allow  UDP
     chain=input action=accept protocol=udp 

 7   ;;; Allow  access  to  router  from  known  network
     chain=input action=accept src-address=192.168.0.0/24 

 8   ;;; deny TFTP
     chain=tcp action=drop protocol=tcp dst-port=69 

 9   ;;; deny RPC portmapper
     chain=tcp action=drop protocol=tcp dst-port=111 

10   ;;; deny RPC portmapper
     chain=tcp action=drop protocol=tcp dst-port=135 

11   ;;; deny NBT
     chain=tcp action=drop protocol=tcp dst-port=137-139 

12   ;;; deny cifs
     chain=tcp action=drop protocol=tcp dst-port=445 

13   ;;; deny NFS
     chain=tcp action=drop protocol=tcp dst-port=2049 

14   ;;; deny NetBus
     chain=tcp action=drop protocol=tcp dst-port=12345-12346 

15   ;;; deny NetBus
     chain=tcp action=drop protocol=tcp dst-port=20034 

16   ;;; deny BackOriffice
     chain=tcp action=drop protocol=tcp dst-port=3133 

17   ;;; deny DHCP
     chain=tcp action=drop protocol=tcp dst-port=67-68 

18   ;;; deny TFTP
     chain=udp action=drop protocol=udp dst-port=69 

19   ;;; deny PRC portmapper
     chain=udp action=drop protocol=udp dst-port=111 

20   ;;; deny PRC portmapper
     chain=udp action=drop protocol=udp dst-port=135 

21   ;;; deny NBT
     chain=udp action=drop protocol=udp dst-port=137-139 

22   ;;; deny NFS
     chain=udp action=drop protocol=udp dst-port=2049 

23   ;;; deny BackOriffice
     chain=udp action=drop protocol=udp dst-port=3133 

24   chain=forward action=drop src-address=0.0.0.0/8 

25   chain=forward action=drop dst-address=0.0.0.0/8 

26   chain=forward action=drop src-address=127.0.0.0/8 

27   chain=forward action=drop dst-address=127.0.0.0/8 

28   chain=forward action=drop src-address=224.0.0.0/3 

29   chain=forward action=drop dst-address=224.0.0.0/3
  #8  
21st June 2012, 19:15
falko

Is it possible you ran iptables rules on the command line (without putting them in some configuration file)? Those iptables rules are lost on reboot.
  #9  
21st June 2012, 20:50
Captain

Thank you, Falko.

No, there are no iptables rules that run via the command line.

We restarted the server at another time when active mode worked, and after the restart it was OK.

I think it was some updates, and after the restart active mode went down.
It was dh-apparmor, but I deleted it after that with apt-get remove.

Any ideas?
All times are GMT +2.