Hi all I have a problem with anonymus ftp.when i try to connect with smartftp and windows as anonymus and i get this error. I have enable the anonymus ftp in ispconfig and because i can connect to my user ftp i believe that my firewall settings r ok. i have the same problem with both internal and external ip's . ftp://wrl.homelinux.com 220 FTP Server ready. [12:26:19] USER anonymous [12:26:19] 331 Password required for anonymous. [12:26:19] PASS (hidden) [12:26:19] 530 Login incorrect. My web9_nikolis ftp with password is working with no problems the proftpd_ispconfig.conf output is: ################################### # # ISPConfig proftpd Configuration File # Version 1.0 # ################################### <VirtualHost 10.10.64.164> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /var/www/web9/ftp> User web9_anonftp Group web9_anonftp UserAlias anonymous web9_anonftp UserAlias guest web9_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /var/www/web9/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> and the proftpd.conf output is : # This is the ProFTPD configuration file # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $ ServerName "ProFTPD server" ServerIdent on "FTP Server ready." ServerAdmin root@localhost ServerType standalone #ServerType inetd DefaultServer on AccessGrantMsg "User %u logged in." #DisplayConnect /etc/ftpissue #DisplayLogin /etc/ftpmotd #DisplayGoAway /etc/ftpgoaway DeferWelcome off # Use this to excude users from the chroot DefaultRoot ~ !adm # Use pam to authenticate (default) and be authoritative AuthPAMConfig proftpd AuthOrder mod_auth_pam.c* mod_auth_unix.c # Do not perform ident nor DNS lookups (hangs when the port is filtered) IdentLookups off UseReverseDNS off # Port 21 is the standard FTP port. Port 21 # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # Default to show dot files in directory listings ListOptions "-a" # See Configuration.html for these (here are the default values) #MultilineRFC2228 off #RootLogin off #LoginPasswordPrompt on #MaxLoginAttempts 3 #MaxClientsPerHost none #AllowForeignAddress off # For FXP # Allow to resume not only the downloads but the uploads too AllowRetrieveRestart on AllowStoreRestart on # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 20 # Set the user and group that the server normally runs at. User nobody Group nobody # This is where we want to put the pid file ScoreboardFile /var/run/proftpd.score # Normally, we want users to do a few things. <Global> AllowOverwrite yes <Limit ALL SITE_CHMOD> AllowAll </Limit> </Global> # Define the log formats LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" # TLS # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html #TLSEngine on #TLSRequired on #TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem #TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem #TLSCipherSuite ALL:!ADH:!DES #TLSOptions NoCertRequest #TLSVerifyClient off ##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 #TLSLog /var/log/proftpd/tls.log # SQL authentication Dynamic Shared Object (DSO) loading # See README.DSO and howto/DSO.html for more details. #<IfModule mod_dso.c> # LoadModule mod_sql.c # LoadModule mod_sql_mysql.c # LoadModule mod_sql_postgres.c #</IfModule> # A basic anonymous configuration, with an upload directory. #<Anonymous ~ftp> # User ftp # Group ftp # AccessGrantMsg "Anonymous login ok, restrictions apply." # # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # # Limit the maximum number of anonymous logins # MaxClients 10 "Sorry, max %m users -- try again later" # # # Put the user into /pub right after login # #DefaultChdir /pub # # # We want 'welcome.msg' displayed at login, '.message' displayed in # # each newly chdired directory and tell users to read README* files. # DisplayLogin /welcome.msg # DisplayFirstChdir .message # DisplayReadme README* # # # Some more cosmetic and not vital stuff # DirFakeUser on ftp # DirFakeGroup on ftp # # # Limit WRITE everywhere in the anonymous chroot # <Limit WRITE SITE_CHMOD> # DenyAll # </Limit> # # # An upload directory that allows storing files but not retrieving # # or creating directories. # <Directory uploads/*> # AllowOverwrite no # <Limit READ> # DenyAll # </Limit> # # <Limit STOR> # AllowAll # </Limit> # </Directory> # # # Don't write anonymous accesses to the system wtmp file (good idea!) # WtmpLog off # # # Logging for the anonymous transfers # ExtendedLog /var/log/proftpd/access.log WRITE,READ default # ExtendedLog /var/log/proftpd/auth.log AUTH auth # #</Anonymous> DefaultRoot ~ Include /etc/proftpd_ispconfig.conf
I did but i got this message trying to connect with smartftp so i turn the default server back on . [08:43:11] SmartFTP v2.0.996.25 [08:43:11] Resolving host name "10.10.64.164" [08:43:11] Connecting to 10.10.64.164 Port: 21 [08:43:11] Connected to 10.10.64.164. [08:43:11] 500 Sorry, no server available to handle request on ::ffff:10.10.64.164 [08:43:11] Cannot login waiting to retry (30s)... [08:43:11] Server closed connection nikolis
[root@wrl ~]# netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address Stat e PID/Program name tcp 0 0 *:48868 *:* LIST EN 1618/rpc.statd tcp 0 0 *:mysql *:* LIST EN 1945/mysqld tcp 0 0 *:sunrpc *:* LIST EN 1600/portmap tcp 0 0 *:hosts2-ns *:* LIST EN 11725/ispconfig_htt tcp 0 0 10.10.64.164:domain *:* LIST EN 21310/named tcp 0 0 localhost.localdomai:domain *:* LIST EN 21310/named tcp 0 0 localhost.localdomain:ipp *:* LIST EN 1823/cupsd tcp 0 0 *:smtp *:* LIST EN 18508/master tcp 0 0 localhost.localdomain:rndc *:* LIST EN 21310/named tcp 0 0 *:imaps *:* LIST EN 1970/dovecot tcp 0 0 *op3s *:* LIST EN 1970/dovecot tcp 0 0 *op3 *:* LIST EN 1970/dovecot tcp 0 0 *:imap *:* LIST EN 1970/dovecot tcp 0 0 *:http *:* LIST EN 11750/httpd tcp 0 0 *:ftp *:* LIST EN 9412/proftpd: (acce tcp 0 0 *:ssh *:* LIST EN 1841/sshd tcp 0 0 localhost:rndc *:* LIST EN 21310/named tcp 0 0 *:https *:* LIST EN 11750/httpd tcp 0 0 ::ffff:10.10.64.164:ssh ::ffff:10.10.64.:seagulllms ESTA BLISHED 31453/0 tcp 0 932 ::ffff:10.10.64.164:ssh ::ffff:10.10:isoipsigport-1 ESTA BLISHED 31552/1 [root@wrl ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination the path cd /var/log/proftpd is empty no error logs there
Can you change Code: ################################### # # ISPConfig proftpd Configuration File # Version 1.0 # ################################### <VirtualHost 10.10.64.164> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /var/www/web9/ftp> User web9_anonftp Group web9_anonftp UserAlias anonymous web9_anonftp UserAlias guest web9_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /var/www/web9/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> to Code: ################################### # # ISPConfig proftpd Configuration File # Version 1.0 # ################################### [B][COLOR="Red"]DefaultAddress 127.0.0.1[/COLOR][/B] <VirtualHost 10.10.64.164> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /var/www/web9/ftp> User web9_anonftp Group web9_anonftp UserAlias anonymous web9_anonftp UserAlias guest web9_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /var/www/web9/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> in /etc/proftpd_ispconfig.conf and restart Proftpd?
no , no luck sould i add a virual ip and set that up for the anonymus ftp..ill try that and ill post results. tnx nikolis
still same problem with the virual ip even tryed to to use it as a defaultaddress (virtual ip) anwell as 127.0.0.1 nothing... ftp://wrl.homelinux.com [10:53:23] Connected to 10.10.64.165. [10:53:23] 220 Welcomme to my Ftp Server. Enjoy! [10:53:23] USER anonymous [10:53:23] 331 Password required for anonymous. [10:53:23] PASS (hidden) [10:53:23] 530 Login incorrect. [10:53:23] Active Help: http://www.smartftp.com/support/kb/index.php/51 [10:53:27] Server closed connection
Can you add the DefaultAddress line to /etc/proftpd_ispconfig.conf and /root/ispconfig/isp/conf/proftpd_ispconfig.conf.master and restart Proftpd and try again?
I added : ################################### # # ISPConfig proftpd Configuration File # Version 1.0 # ################################### DefaultAddress 127.0.0.1 <!-- BEGIN DYNAMIC BLOCK: vhost --> DefaultAddress 127.0.0.1 <VirtualHost {IP}> DefaultRoot ~ AllowOverwrite on Umask 002 {ANON_FTP} </VirtualHost> <!-- END DYNAMIC BLOCK: vhost --> and ################################### # # ISPConfig proftpd Configuration File # Version 1.0 # ################################### DefaultAddress 127.0.0.1 <VirtualHost 10.10.64.164> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /var/www/web9/ftp> User web9_anonftp Group web9_anonftp UserAlias anonymous web9_anonftp UserAlias guest web9_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /var/www/web9/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> with no luck! it seems to be a some sort of authentication/authorisation mix up with the anonymus ftp. tnx nikolis
the user web9 root there is a .htpassword file that contains the following web9_anonftp:!!web9_nikolis:}somethingsomething does this create the problem? tnx
No, at least not for ProFTPD. It might be a problem for Apache. Do you get any error messages when you restart ProFTPD?
eth0 Link encap:Ethernet HWaddr 00:14:85:C7:A8:9D inet addr:10.10.64.164 Bcast:10.10.64.255 Mask:255.255.255.0 inet6 addr: fe80::214:85ff:fec7:a89d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:21843 errors:0 dropped:0 overruns:0 frame:0 TX packets:24062 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2270168 (2.1 MiB) TX bytes:11154183 (10.6 MiB) Interrupt:18 Base address:0xa800 eth0:0 Link encap:Ethernet HWaddr 00:14:85:C7:A8:9D inet addr:10.10.64.165 Bcast:10.10.64.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:18 Base address:0xa800 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:8680 errors:0 dropped:0 overruns:0 frame:0 TX packets:8680 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2835038 (2.7 MiB) TX bytes:2835038 (2.7 MiB) and Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:45926 *:* LISTEN 1625/rpc.statd tcp 0 0 *:mysql *:* LISTEN 1955/mysqld tcp 0 0 *:sunrpc *:* LISTEN 1607/portmap tcp 0 0 *:hosts2-ns *:* LISTEN 11753/ispconfig_htt tcp 0 0 10.10.64.165:domain *:* LISTEN 21498/named tcp 0 0 10.10.64.164:domain *:* LISTEN 21498/named tcp 0 0 localhost.localdomai:domain *:* LISTEN 21498/named tcp 0 0 localhost.localdomain:ipp *:* LISTEN 1830/cupsd tcp 0 0 *:smtp *:* LISTEN 32329/master tcp 0 0 localhost.localdomain:rndc *:* LISTEN 21498/named tcp 0 0 *:imaps *:* LISTEN 1977/dovecot tcp 0 0 *op3s *:* LISTEN 1977/dovecot tcp 0 0 *op3 *:* LISTEN 1977/dovecot tcp 0 0 *:imap *:* LISTEN 1977/dovecot tcp 0 0 *:http *:* LISTEN 11911/httpd tcp 0 0 *:ftp *:* LISTEN 22802/proftpd: (acc tcp 0 0 *:ssh *:* LISTEN 1848/sshd tcp 0 0 localhost:rndc *:* LISTEN 21498/named tcp 0 0 *:https *:* LISTEN 11911/httpd tcp 0 0 ::ffff:10.10.64.164:ssh ::ffff:10.10.64.162:sacred ESTABLISHED 15285/0 tnx nikolis
Which IP address do you use to connect to your FTP server for anonymous login? 10.10.64.164 or 10.10.64.165? Are there entries for both IP addresses in /etc/proftpd_ispconfig.conf? Did you enable anonymous FTP for both IP addresses?
the 10.10.64.164 is the ip of the main site of my server and anonymus ftp is enabled from the ispconfig panel. i created a virtual 10.10.64.165 ip address to test if the anonymus ftp is will work there but i get the same result. yes, both entries are in the /etc/proftpd_ispconfig.conf i heve no error log files in /var/log/proftpd actualy there are no files the at all. Were else can they be hiding? Ps if that gives you any clues, in my previus installations i had the same problem. im sick of reinstalling the whole server every time i get stuck somewere . I would like to figure out what is the problem.. thx for your time nikolis ################################### # # ISPConfig proftpd Configuration File # Version 1.0 # ################################### DefaultAddress 127.0.0.1 DefaultAddress 127.0.0.1 <VirtualHost 10.10.64.164> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /var/www/web9/ftp> User web9_anonftp Group web9_anonftp UserAlias anonymous web9_anonftp UserAlias guest web9_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> <Directory /var/www/web9/ftp/incoming> Umask 002 <Limit STOR> AllowAll </Limit> <Limit READ> DenyAll </Limit> </Directory> </Anonymous> </VirtualHost> DefaultAddress 127.0.0.1 <VirtualHost 10.10.64.165> DefaultRoot ~ AllowOverwrite on Umask 002 <Anonymous /var/www/web12/ftp> User web12_anonftp Group web12_anonftp UserAlias anonymous web12_anonftp UserAlias guest web12_anonftp MaxClients 10 <Directory *> <Limit WRITE> DenyAll </Limit> "proftpd_ispconfig.conf" [noeol] 61L, 1909C
You need Code: DefaultAddress 127.0.0.1 only once in your configuration. What address do you use in your FTP client? IP addresses or domain names?
You need Code: DefaultAddress 127.0.0.1 ok ill do that. What address do you use in your FTP client? IP addresses or domain names? I'm using any posible combination ftp://10.10.64.164 , ftp://wrl.homelinux.com ftp://my.public.ip. same problem all the time tnx
Don't use ftp:// in your FTP client! Just use 10.10.64.164 or wrl.homelinux.com or my.public.ip without the ftp://.
