Installed using the perfect setup here. Web FTP works fine, but normal FTP doesn't With PASV mode on it hangs at the LIST command. Without PASV mode it hangs at the PORT command: COMMAND:> PORT 192,168,1,100,9,238 500 Illegal PORT command STATUS:> Transfer Interrupted the 192.168.1.100 is the address of the pc I'm trying to connect to the server, it's not the server itself. Ports are forwarded and open. Did I forget something? Please help me out.
firewall is off iptables -L gives: Code: Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
Thats strange as WebFTP uses a normal FTP connection which means that your ftp daemon is generally working. Have you tried to connect from inside your local network with another FTP daemon like smartftp or WS-FTP light?
yes I connected from another pc in the network with FTP Voyager. Do I need to open up more ports on the router for PASV (passive) mode? Now ofcourse 21 is open.
thanks. I run Debian, so SELinux is no option and could not cause an error. Opening port 60000-60005 doesn't help unfortunately.
Opened up 20 as well: with pasv: Code: FTP Voyager - Version 11.0.0.0 STATUS:> Connecting to "ftp.********" on port 21. 220 ProFTPD 1.2.10 Server (Debian) [192.168.1.75] STATUS:> Connected. Logging into the server COMMAND:> USER ******** 331 Password required for ********. COMMAND:> PASS ***** 230 User ********** logged in. STATUS:> Login successful COMMAND:> FEAT 211-Features: 211-MDTM 211-REST STREAM 211-SIZE 211 End STATUS:> Server supports resume COMMAND:> PWD 257 "/" is current directory. COMMAND:> CWD / 250 CWD command successful COMMAND:> TYPE A 200 Type set to A COMMAND:> PASV 227 Entering Passive Mode (192,168,1,75,136,125). STATUS:> Private IP address returned by the server in response to PASV command. STATUS:> Converting private IP address 192.168.1.75 to public IP address ********** COMMAND:> LIST ERROR:> Socket error: Unknown socket error (0) ERROR:> Socket error: Unknown socket error (0) STATUS:> Error sending command "LIST". Reconnecting (send attempt 2)... after LIST nothing happens... without PASV: Code: FTP Voyager - Version 11.0.0.0 STATUS:> Connecting to "ftp.*********" on port 21. 220 ProFTPD 1.2.10 Server (Debian) [192.168.1.75] STATUS:> Connected. Logging into the server COMMAND:> USER ******** 331 Password required for ************. COMMAND:> PASS ********** 230 User ******** logged in. STATUS:> Login successful COMMAND:> FEAT 211-Features: 211-MDTM 211-REST STREAM 211-SIZE 211 End STATUS:> Server supports resume COMMAND:> PWD 257 "/" is current directory. COMMAND:> CWD / 250 CWD command successful COMMAND:> TYPE A 200 Type set to A COMMAND:> PORT 192,168,1,100,14,94 500 Illegal PORT command
So you're trying to connect to your FTP server from within the same local network? Then it's not a router problem... What's in /etc/proftpd.conf?
Inside or outside gives the same result. Protfpd.conf: Code: # # /etc/proftpd.conf -- This is a basic ProFTPD configuration file. # To really apply changes reload proftpd after modifications. # ServerName "Debian" ServerType standalone DeferWelcome off MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayFirstChdir .message ListOptions "-l" DenyFilter \*.*/ DefaultRoot ~ IdentLookups off ServerIdent on "FTP Server ready." # Uncomment this if you are using NIS or LDAP to retrieve passwords: #PersistentPasswd off # Uncomment this if you would use TLS module: #TLSEngine on # Uncomment this if you would use quota module: #Quotas on # Uncomment this if you would use ratio module: #Ratios on # Port 21 is the standard FTP port. Port 21 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. User nobody Group nogroup # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Delay engine reduces impact of the so-called Timing Attack described in # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 # It is on by default. #DelayEngine off # A basic anonymous configuration, no upload directories. # <Anonymous ~ftp> # User ftp # Group nogroup # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # Cosmetic changes, all files belongs to ftp user # DirFakeUser on ftp # DirFakeGroup on ftp # # RequireValidShell off # # # Limit the maximum number of anonymous logins # MaxClients 10 # # # We want 'welcome.msg' displayed at login, and '.message' displayed # # in each newly chdired directory. # DisplayLogin welcome.msg # DisplayFirstChdir .message # # # Limit WRITE everywhere in the anonymous chroot # <Directory *> # <Limit WRITE> # DenyAll # </Limit> # </Directory> # # # Uncomment this if you're brave. # # <Directory incoming> # # # Umask 022 is a good standard umask to prevent new files and dirs # # # (second parm) from being group and world writable. # # Umask 022 022 # # <Limit READ WRITE> # # DenyAll # # </Limit> # # <Limit STOR> # # AllowAll # # </Limit> # # </Directory> # # </Anonymous> Include /etc/proftpd_ispconfig.conf I now notice servername is Debian, but my servername is not Debian but just: server (and hostname is .mydomain.com, but then with my real domain, so my server is: server.mydomain.com)
Code: Restarting ProFTPD ftp daemon.proftpd. .. - Fatal: unknown configuration directive 'ReverseDNS' on line 21 of '/etc/proftpd.conf'. . done. When I start without that line: Code: Restarting ProFTPD ftp daemon.. .. - setting default address to 127.0.0.1 proftpd. done. Does this give any clue?
I have the Same Problem "500 Illegal PORT command" I have openSuse 11 with ISPConfig. (http://www.howtoforge.com/perfect-server-opensuse11) I already tried all of the suggestions you post and the problem is the same. I try to connect with Total Commander. I have another 2 servers with ISPConfig but with Suse 9.3 and everything works fine on it. But... in openSuse 11 don't. Can you help me? PS: With WebFTP from ISPConfig everything works fine; with Joomla works fine too. Please, help me! Thank You!
Sorry for my delay I was in vacantion. Yes, The AppArmor is down. Now, i can connect from my home LAN but from office LAN still can't connect. Thank You for your advice and for all you do for as. Thank You again.
Please check your router settings and make sure that you forwarded theports from your router to your server.