FTP not working

[jim.thornton]

I've recently installed DA on CentOS 6.5.

I can use the FTP client if I am connecting through SFTP. However, I'm trying to setup an FTP account for one of the users (and I don't want them to have SSH access).

I've added the user and password into DA but when I try to connect via FileZilla it is failing. I'm not getting an error and the pure-ftp.log file is at 0 bytes.

I've run a search for pure-ftpd.conf and there is no file that is returned. I've searched the /etc directory and there is no conf file there.

There is a conf file there for proftp but when I checked custombuild it shows at ftp=pure-ftp (or something like that).

Can someone please help me get the FTP working on my server?

 

[JohanAtBlueMoon]

I had a problem where I couldn't connect via normal FTP on other accounts, I think it had to do with a missing PassivePorts statement in the proftpd vhosts files and template.

It might help if you post the FileZilla connection log, then we can see at which point the connection fails.

 

[jim.thornton]

The FileZilla connection log can be found here.

It goes all the way through, makes me think it is going to list the directory and then stops and times out.

 

[JohanAtBlueMoon]

I had that same problem with proftpd - your logs show it stops after the following line:

227 Entering Passive Mode

Which means that it can't do Passive FTP. This could be a firewall issue, or there could be something misconfigured in your FTP server. For some people switching to active FTP helps, though that's not really user friendly as this may require their firewall to be configured.

I'm not sure whether you actually have pureftp or not, and I don't know how to solve it for that. You can check which services are running by visiting the Service Monitor in the Admin Level.

If it is proftpd, can you check that the vhost for your IP exists in /etc/proftpd.vhosts.conf? And that it has a PassivePorts entry?

 

[jim.thornton]

DA uses pureftpd with the CB 2.0 and passes the settings through via the command line. I've looked at the script and it is using passive ports 35000:35999 and I have opened those OUTGOING ports on my CSF firewall for both IPV6 and IPV4 connections. I restarted my firewall and still cannot connect via FileZilla. I have gone into the command line and tested and the ports have been successfully opened for outgoing traffic.

Do I need to also open the ports for incoming traffic on those ports??

 

[JohanAtBlueMoon]

It's incoming connections from the client for the FTP data, so I think you should open up incoming traffic.

 

[jim.thornton]

Thanks for the help. I got it working and opened the required INCOMING ports.

Question: Do I need to open TCP and UDP or only TCP?

 

[JohanAtBlueMoon]

I haven't tested it, but the website I linked says "FTP is a TCP based service exclusively.", so TCP should be enough?

 

[nobaloney]

You don't need that question mark at the end . FTP runs over TCP/IP, not over UDP.

I've neer opened any FTP ports for UDP, from my earliest days working manually with firewalls. My early work with the KISS firewall never opened up any UDP ports for FTP.

Jeff