I made a new server with this how-to: The Perfect Server - Debian 10 (Buster) with Apache, BIND, Dovecot, PureFTPD and ISPConfig 3.1 All works fine but I noticed that if I turn on the ISPConfig firewall with these rules I can't login to FTP anymore. Open TCP ports: 20,21,22,25,53,80,110,143,443,465,587,993,995,3306,8080,8081,10000 Open UDP ports: 53,3306 If firewall it's OFF all works fine. Best regards Alberto
I assume you're using passive mode ftp, if so, what port range are you using for it? cat /etc/pure-ftpd/conf/PassivePortRange add that port range to the firewall.
No such file or directory I'm using ISPConfig from many years without adding any port to firewall rules...
When you want to use the firewall, then you have to configure a passive port range that must match the port range in the firewall. https://www.faqforge.com/linux/cont...ange-in-pure-ftpd-on-denian-and-ubuntu-linux/
it might be set in /etc/pure-ftpd/pure-ftpd.conf active mode only uses port 20 and port 21. so that should work with those rules, whether the firewall is on or not. passive mode needs the publicly accessible ip set (ForcePassiveIP) and the port range (PassivePortRange). it's the only thing that makes sense to not be working with the firewall on given those ports you list. the only other thing I've seen would depend on what ftp client you're using. FileZilla has a bug with TLS 1.3 but I don't see the firewall being on or off making any difference with that.
