pure-ftpd stopped working after seafile install

Discussion in 'Installation/Configuration' started by nikolaosp, Jan 30, 2015.

  1. nikolaosp

    nikolaosp Member

    Hi all,
    I have a very cuirous problem. For the past year my server has been running perfectly (web/ftp etc). For the past week I do not seem to be able to connect through ftp. The only change I remember doing is inputting in /etc/hosts the line debian.cubecom.gr to enable output for the "hostname -f" that gave me
    "hostname: Name or service not known". The reason i did this was because i wanted to run a seafile server on this server. However, since then whenever i try to connect via ftp the connection just times-out and when i tried https://ftptest.net with an account the answer is : "
    Command: PASV

    Reply: 227 Entering Passive Mode (192,168,1,10,178,234)

    Error: Server returned unroutable private IP address in PASV reply"

    The seafile server worked perfectly btw but my ftp is far more important to me than this.

    Any idea how I can fix this.

    System configuration: Debian wheesy, apache2, pure-ftpd, postfix, ispconfig 3 all configured using the "Perfect server debian wheezy, apache2 etc guide" tutorial.
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Create a new file


    in this file add your external IP address. Then restart pure-ftpd.
    nikolaosp likes this.
  3. nikolaosp

    nikolaosp Member

    Thanks for your instant reply Till!

    However, I tried what you suggested and still it does not connect. Now it gives me a different error:
    "Error: Carriage return without line feed received"
    This is ton the online FTP check site. Filezilla still refuses to connect.
    i created the file that you suggested and entered on the first line my external ip address without any carriage returns or spaces. Is that correct?


    Edit: i remembered just now that 4-5 days ago, there was an update on mysql and that did not work and i had to change the script that i created to start the seafile server to give it priority as it had none. It is probably irrelevant but i thougth i'd mention it
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    you can see if its correct when you restart pure-ftpd. If your external IP is e.g. then you should see:


    in the start line of pure-ftpd.
  5. nikolaosp

    nikolaosp Member

    i erased the forcepassiveip file and restarted and now i can connect through my internal network but not from outside. I mean that if i use it works but with (my ext ip that is) it doesn't .
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    When you want to use FTP from outside, then you have to set the ForcePassiveIP as pure-ftpd will show your internal IP to the client without it and the connect then fails.
  7. nikolaosp

    nikolaosp Member

    Why does it work when the forcepassiveip is off and it doesn't with it on? My router has nat loopback and apache works with no problem. What i mean is that if i enter my ext ip to a browser it gives me my websites. When i try to connect my ftp with the ext ip it does not work. Is there anything to look for in this case?
    Needless to say that this worked up to 3-4 days ago.

    What it looks like is that my ftp server does not listen to outside requests. My port forwarding is correct btw as i can see that the port is open and accepting connections.
  8. nikolaosp

    nikolaosp Member

    Hi again,
    i created a file in /etc/pure-ftpd/conf/PassivePortRange with port numbers 60000:61000 and i restarted the service. It worked both from the LAN and from outside, and from my pc inside the LAN it worked by using the ext IP.

    I proceeded to reboot and after the server rebooted it stopped responding to the external ip and has not worked since. I rebooted my router,switches and everything else and still no joy.
    I double checked my firewall, port forwarding and it is all correct. When i try to connect, with the ext ip, it looks like it is not receiving the request at all and the connection times-out.

    What in the name of God is going on eludes me. Any ideas?
  9. nikolaosp

    nikolaosp Member

    It appears that the culprit behind this is fail2ban. For no apparent reason it stops allowing connections from the outside world. As soon as I restart fail2ban, it works for some time and the same happens all over again... What is going on here? I haven't changed anything in fail2ban, it is version 0.8.13 and the funny thinf is that in jail.conf pure-ftpd is on enable = false.

  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Check the fail2ban.log which service is causing the ban. Fail2ban ca not work on servers that are behind a NAT router as all request originate from this router, so fail2ban will ban the address of the router.
  11. nikolaosp

    nikolaosp Member

    So is there any way that we can use such a service behind a nat router?
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    Fail2ban oe similar software that detecs attacks based on the source IP wont work behind NAT.

Share This Page