ProFTP Problem

Discussion in 'Installation/Configuration' started by mrjeff, Dec 29, 2005.

  1. mrjeff

    mrjeff New Member


    I followed the Suse 10 ISP setup and am having issues with ProFTP.

    When I try to connect passive with a user web_XX_test it logs in but times out getting the list.

    I do have the allow ftp checkbox checked for the site, and the user is checked as admin.

    this is from /var/log/messages
    Dec 28 22:31:37 server1 proftpd[21587]: ([]) - FTP session opened.
    Dec 28 22:31:37 server1 proftpd[21587]: ([]) - USER webXX_test: Login successful.
    Dec 28 22:31:37 server1 proftpd[21587]: ([]) - SECURITY VIOLATION: Passive connection from rejected.
    Dec 28 22:31:44 server1 proftpd[21474]: ([]) - FTP no transfer timeout, disconnected
    Dec 28 22:31:44 server1 proftpd[21474]: ([]) - FTP session closed.
    My server is in DMZ with no firewall for testing and the ISPConfig Firewall is also off.

    Thanks for any suggestions or help

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please have a look at your proftpd.conf, if passive transfer is disabled.
  3. mrjeff

    mrjeff New Member

    Hi till,

    Thank you for responding, I do not see a line with passive transfer in my proftpd.conf file, here is the contents of it.

    # This is a basic ProFTPD configuration file (rename it to 
    # 'proftpd.conf' for actual use.  It establishes a single server
    # and a single anonymous login.  It assumes that you have a user/group
    # "nobody" and "ftp" for normal operation and anon.
    ServerName			"ProFTPD Default Installation"
    ServerType			standalone
    DefaultServer			on
    # Port 21 is the standard FTP port.
    Port				21
    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask				022
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd).
    MaxInstances			30
    # Set the user and group under which the server will run.
    User				nobody
    Group				nogroup
    # To cause every FTP user to be "jailed" (chrooted) into their home
    # directory, uncomment this line.
    DefaultRoot ~
    IdentLookups off
    ServerIdent on "FTP Server ready."
    # Normally, we want files to be overwriteable.
    AllowOverwrite		on
    # Bar use of SITE CHMOD by default
    # <Limit SITE_CHMOD>
    #  DenyAll
    # </Limit>
    # A basic anonymous configuration, no upload directories.  If you do not
    # want anonymous users, simply delete this entire <Anonymous> section.
    <Anonymous ~ftp>
      User				ftp
      Group				ftp
      # We want clients to be able to login with "anonymous" as well as "ftp"
      UserAlias			anonymous ftp
      # Limit the maximum number of anonymous logins
      MaxClients			10
      # We want 'welcome.msg' displayed at login, and '.message' displayed
      # in each newly chdired directory.
      DisplayLogin			welcome.msg
      DisplayFirstChdir		.message
      # Limit WRITE everywhere in the anonymous chroot
      <Limit WRITE>
    Include /etc/proftpd_ispconfig.conf
  4. falko

    falko Super Moderator Howtoforge Staff

    Have you tried active mode instead of passive mode?
  5. mrjeff

    mrjeff New Member

    Hi falko,

    Yes I have tried active also, and no luck.

    I am able to login and use the Web-FTP interface from ISPConfig.

  6. falko

    falko Super Moderator Howtoforge Staff

    And there's really no firewall? What's the output of
    iptables -L
    Do you maybe have a firewall on your workstation that causes problems?
  7. mrjeff

    mrjeff New Member


    Hi falko,

    My workstation is Mac OSX Tiger and yes its firewall was on.

    I disabled the firewall on the workstation and I can connect with active and passive now.

    Thank you till and falko for your help and a great system!


Share This Page