FTP doesnt work more..

Discussion in 'Server Operation' started by wapa17, Apr 5, 2007.

  1. wapa17

    wapa17 New Member

    I installed ISPConfig in November 2006 (Mandrake 2006 - perfect setup).
    Well - some mail and DNS related issues but this has been solved manually ;-)

    Then I decided to install a CRON-job to look for updates automatically....and here began the trouble: I cannot login into FTP more (neither via ISPConfig-Admin nor with a FTP-Client).
    It has something to do with the "auto-update" (I have it disabled now).
    Well, it looks like if I have to downgrade the ProFTP.

    My question is: HOW to downgrade without to break the ISPConfig - configuration ?
     
  2. till

    till Super Moderator

    I think its not nescessary to downgrade proftpd as all proftpd versions should be compatible with ISPConfig.

    Please have a look if your last proftpd update has replaced the proftpd.conf file and left a copy of the old configuration in the same directory which you can compare to the new config.

    Please post the output of:

    netstat -tap | grep ftp

    and

    ps aux | grep ftp
     
  3. wapa17

    wapa17 New Member

    Hi Till,

    thanks for your answer.
    The outputs are:
    --------------- cut -----------------
    > netstat -tap | grep ftp
    tcp 0 0 *:ftp *:* LISTEN 29701/proftpd: (acc


    and

    > ps aux | grep ftp
    nobody 29701 0.0 0.5 5660 2580 ? Ss Apr08 0:00 proftpd: (accepting connections)
    root 11928 0.0 0.2 2204 1024 ? R 09:05 0:00 sh -c (ps aux | grep ftp) 2>&1
    root 11929 0.0 0.2 2204 1040 ? R 09:05 0:00 sh -c (ps aux | grep ftp) 2>&1

    ------------- cut ------------------

    It seems, that the command netstat -tap | grep ftp outputs incomplete data ..
     
  4. falko

    falko Super Moderator

    That's normal.
    FTP seems to be running.
    Is FTP allowed in the firewall? What's the output of
    Code:
    iptables -L
    ? Are there any errors in your logs?
     
  5. wapa17

    wapa17 New Member

    Output of Iptables -L
    --------------------- cut ----------------------
    > iptables -L
    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    ------------------------ cut ------------------------------

    and yes. ftp is allowed in the firewall ... and it was running before very well, but now I cannot more access FTP neither outside nor locally (and this has something to do with the auto-update..).

    Sometimes I have a strange log in syslog:
    -------------- cut --------------------
    Apr 10 10:30:00 mail proftpd[8538]: mail.myname.net (mail.myname.net [127.0.0.1]) - FTP session opened.
    Apr 10 10:30:00 mail proftpd[8538]: mail.myname.net (mail.myname.net [127.0.0.1]) - invalid CommandBufferSize size (0) given, resetting to default buffer size (512)
    Apr 10 10:30:00 mail proftpd[8538]: mail.myname.net (mail.myname.net [127.0.0.1]) - FTP session closed.
    ----------------cut -----------------------
     
  6. falko

    falko Super Moderator

    What's in /etc/proftpd.conf?
     
  7. wapa17

    wapa17 New Member

    Hi Falko,

    here is the output of /etc/proftpd.conf
    -------------------- cut ----------------------
    > cat /etc/proftpd.conf
    # This is a basic ProFTPD configuration file (rename it to
    # 'proftpd.conf' for actual use. It establishes a single server
    # and a single anonymous login. It assumes that you have a user/group
    # "nobody" and "ftp" for normal operation and anon.

    ServerName "ProFTPD CommerceDAT"
    ServerType standalone
    DefaultServer on

    # Allow FTP resuming.
    # Remember to set to off if you have an incoming ftp for upload.
    AllowStoreRestart off

    # Port 21 is the standard FTP port.
    Port 21

    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask 022

    # To prevent DoS attacks, set the maximum number of child processes
    # to 30. If you need to allow more than 30 concurrent connections
    # at once, simply increase this value. Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd).
    MaxInstances 30

    # Set the user and group under which the server will run.
    User nobody
    Group nogroup

    # To cause every FTP user to be "jailed" (chrooted) into their home
    # directory, uncomment this line.
    DefaultRoot ~

    # Normally, we want files to be overwriteable.
    AllowOverwrite on

    # Bar use of SITE CHMOD by default
    # <Limit SITE_CHMOD>
    # DenyAll
    # </Limit>

    # Needed for NIS.

    PersistentPasswd off

    # Default root can be used to put users in a chroot environment.
    # As an example if you have a user foo and you want to put foo in /home/foo
    # chroot environment you would do this:
    #
    # DefaultRoot /home/foo foo

    DefaultRoot ~
    IdentLookups off
    ServerIdent on "FTP Server ready."


    Include /etc/proftpd_ispconfig.conf
    --------------------- cut -----------------------------
     
  8. memphis

    memphis New Member

    I have made this too. I upgradet my Proftpd and now ist is no longer runnin. I need some quick help.
    My System is an Debian Sarge System with ISPConfig.

    I can not find anything in my logs.
     
  9. wapa17

    wapa17 New Member

    ..and,.. i forgot:
    the /etc/proftpd_ispconfig.conf:
    -------------------- cut -------------------------
    > cat /etc/proftpd_ispconfig.conf
    ###################################
    #
    # ISPConfig proftpd Configuration File
    # Version 1.0
    #
    ###################################
    DefaultAddress 127.0.0.1
    <VirtualHost 10.0.0.101>
    DefaultRoot ~
    AllowOverwrite on
    Umask 002
    </VirtualHost>
    <VirtualHost 192.168.0.101>
    DefaultRoot ~
    AllowOverwrite on
    Umask 002
    <Anonymous /var/www/web1/ftp>
    User web1_anonftp
    Group web1_anonftp
    UserAlias anonymous web1_anonftp
    UserAlias guest web1_anonftp
    MaxClients 10
    <Directory *>
    <Limit WRITE>
    DenyAll
    </Limit>
    </Directory>
    <Directory /var/www/web1/ftp/incoming>
    Umask 002
    <Limit STOR>
    AllowAll
    </Limit>
    <Limit READ>
    DenyAll
    </Limit>
    </Directory>
    </Anonymous>
    </VirtualHost>
    ----------------------- cut -----------------------
     
  10. falko

    falko Super Moderator

    The configuration looks ok, so it must be a problem with ProFTPd itself. :(
     
  11. wapa17

    wapa17 New Member

    ..Hi falko,

    ..yes.. I think so. I will guard the proftp.conf and downgrade to the original version of the Mandriva 2006 CD ..
     
  12. chjie

    chjie New Member

    A cue for you - the log cheated

    I've just experienced similar thing as you.

    I failed to run "urpmi" with message after updated proftpd.conf:
    But I overlooked the "access denied" and went to check log message, which showed the same strange triplet as you:

    I started snort to check the packets and found it's indeed some "Permission denied" condition.

    So I suggest that you check again the error message in your ftp client. It's quite probable an access permission problem.
     
  13. wapa17

    wapa17 New Member

    FTP - the solucion ?

    Well, as I wrote before I deleted the FTP and installed it again (of course with the config-fies backed up).

    AND YES .. I could access the sites with the built-in FTP-access in the administration-panel. BUT .. ftp-access via Kbear didnt run (OS Linux).

    I gave it a try and installed GFTP .. and YESSS .. it runs ok.

    I did not test it with windows-FTP-clients .. but if there is a connecting-problem I think its worth to try another FTP-client.
     

Share This Page