Proftpd (FTP) connects but shows no directories

Awd

Awd

Verified User
Joined
Aug 9, 2015
Messages
270
Hi,

I have a strange problem. After update centos 7 (yum update) I can connect to FTP server (proftpd) , but it shows nothing, no directories no files....? Failed to retrieve directory listing...

I thought that normally yum update does not effect Directadmin files. I checked before yum update the yum config file (
exclude=apache* httpd* mod_* mysql* MySQL* mariadb* da_* *ftp* exim* sendmail* php* bind-chroot*

Anyone suggestions where to look?

Kind regards, Fred
 
Solved, I added range ports 35000 and 35999 to CSF and now it is working. Why something changed during the yum update, I have no idea?
 
Hello,

Updates with yum hardly could change CSF or ProFTPd settings. So it might be something else different, for example your IP changed. As when you installed CSF/LFD (if you are the person who did it) your IP got into whitelist of CSF and you could connect to any port on your server, and now if your IP changed you could connect only to a list of allowed ports.
 
Or something changed at your home provider. So you first was able to connect to port 21 and did not need PASV mode, and now you do.

your IP got into whitelist of CSF and you could connect to any port on your server
Click to expand...
No that's not correct. The whitelisting does not enable you to connect to any port, it only prevents you from being blocked by CSF/LFD. But if a ports is closed, even with a whitelisted ip you won't be able to connect to it.
 
An IP of your current SSH-connection is added by CSF/LFD into its whitelist at the moment of an installation, which is located in /etc/csf/csf.allow

You can see it with:

Code: 
[root@host csf]# grep SSH /etc/csf/csf.allow
37.xxx.xxx.xxx # csf SSH installation/upgrade IP address - Mon Mar 20 21:06:20 2017
[root@host csf]#

and that IP will have no restrictions on connections to the server. Sure a service should be listening connections on the port to which you want to connect.
 
Last edited:
Ah sorry, yes that is correct, there is a seperate iptables line created for the ip's in the csf.allow file which gives access to everything.
I was thinking about the csf.ignore file, but the allow is the whitelisting file indeed.
 
You must log in or register to reply here.
Back
Top