Issue with ispconfig 3.1.7, Debian 9, ufw and ftp passive

Discussion in 'Installation/Configuration' started by maumar, Oct 26, 2017.

  1. maumar

    maumar Member HowtoForge Supporter

    Hi
    in a fresh ispconfig install, after enabled ufw with suggested tcp ports, ftp does not work with passive, it works only in active mode.

    Pureftpd is configured as default, no
    echo "40000 65535" > PassivePortRange
    still done.

    I would know which do you suggest as best practice in this case to solve the issue.
    Best Regards
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    It might be necessary that you set the passive IP as well:

    echo "YOUR_EXTERNAL_IP_HERE" > /etc/pure-ftpd/conf/ForcePassiveIP
     
  3. maumar

    maumar Member HowtoForge Supporter

    Hello
    I have server with public ip, I would know if I can add custom rules to ufw firewall that will be nont overwritte by ispconfig
    Best Regards
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, you can do that. But when you refer to the passive port range, you can configure the range in UFW directly from within ISPConfig.
     
  5. maumar

    maumar Member HowtoForge Supporter

    I have found documentation and forum posts about Bastille custom rules, but I have found nothing about ufw custom rules. I need to close ssh 22 standard port to everything, lettin it open to my company ip, for example.
    Do you support custom rules? If not, what is the best practice to handle exceptions?
    Best Regards
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    You can add custom rules to ufw with the normal ufw commands on the shell.
     

Share This Page