FTP not working on new install

[verruckt]

RESOLVED -- FTP not working on new install

I just built a new server recently. On this server, noone can connect by ftp. I have no problems on my other servers with an identical setup. I'm sure this is probably a simple fix, but hell if I have been able to figure it out so far. Here is my proftpd.conf file...

ServerName "ProFTPd"
ServerType standalone

Port 21
UseReverseDNS off
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
TimeoutStalled 3600

ScoreboardFile /var/run/proftpd/proftpd.pid

TransferLog /var/log/proftpd/xferlog.legacy
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"

#DON'T modify this log format. Its used by DirectAdmin to determine user usage
LogFormat userlog "%u %b"
ExtendedLog /var/log/proftpd/##.##.###.##.bytes WRITE,READ userlog

AuthUserFile /etc/proftpd.passwd
DefaultServer on

AuthPAM off

<Global>
DeferWelcome on

RequireValidShell no

DefaultRoot ~
DirFakeUser on ftp
DirFakeGroup on ftp

User ftp
Group ftp
#UserAlias anonymous ftp

AllowStoreRestart on
AllowRetrieveRestart on

Umask 022
DisplayLogin welcome.msg
DisplayFirstChdir readme
AllowOverwrite yes
IdentLookups off
ExtendedLog /var/log/proftpd/access.log WRITE,READ write
ExtendedLog /var/log/proftpd/auth.log AUTH auth

#
# Paranoia logging level....
#
#ExtendedLog /var/log/proftpd/paranoid.log ALL default

</Global>

Include /etc/proftpd.vhosts.conf

--------------------------------



Does anyone have any ideas? The message you get when trying to ftp to the server is that the server actively refused the connection. This HAS worked previously. I have logged in as a "user" for a test site, and had no problems. Its been about a week or two, and now nothing.

 

[verruckt]

I have no "active" sites on this server, but do have some test sites etc on there. Would it be possible to re-run setup.sh ???

Or would that wipe out all the /home stuff and account settings that I have up there now?

 

[BigWil]

Are you behind a strong firewall by chance that requires passive connection to the FTP server? If so add your passive ports below the Port 21 like so.

Port 21
PassivePorts 51000 51994

Those passive ports would be defined in your firewall most likely and you would set them accordingly.

Be sure to restart your ProFTPD to pick up the new settings.

Big Wil

 

[verruckt]

Are you behind a strong firewall by chance that requires passive connection to the FTP server? If so add your passive ports below the Port 21 like so.

Port 21
PassivePorts 51000 51994

Those passive ports would be defined in your firewall most likely and you would set them accordingly.

Be sure to restart your ProFTPD to pick up the new settings.

Big Wil

Thanks. Restarted the service is all it took. Overlooking the simplest things will be my downfall one of these days.

 

[damn]

Is that ports 51,000 AND 51,994

OR

ports 51,000 THROUGH TO 51,994??

And is that incomming our outgoing?

 

[BigWil]

It is 51000-51994

Mine is a bridge and firewall so I just have it setup to both directions. Not even sure if it is right but it works. FTP is so darn hard to configure correctly. Here is my ipfw rule.

ipfw add allow tcp from any to any 51000-51994 bridged keep-state

Big Wil

 

[suhailc]

Hi,

Let's revive this year old thread shall we!

I have the following rules in my ipfw.rules:

$cmd 90 allow tcp from any to any 21 in
$cmd 100 allow tcp from any to any 21 out

And in my /etc/proftpd.conf I have the following:

Port 21
PassivePorts 61000 61994

However, I cannot FTP in if I use:

$cmd 300 allow tcp from any to any 61000-61994 bridged

The only way I can FTP in is to explicitly allow the following in ipfw.rules:

$cmd 300 allow tcp from any to any 61000-61994 in

Any advice please?

Regards,
Suhail.

 

[suhailc]

Posted new thread in FreeBSD 6 forum:

http://www.directadmin.com/forum/showthread.php?s=&threadid=15119

Sorry for double post!