Hi, is there any more new on release dates/timeframes for: ispconfig 3.1 billing module 1.4 domain registration module ? shop? also, any ideas on a timeframe for when full support for proftpd will be included in ispconfig? I've got it working using the instructions here: https://www.howtoforge.com/community/threads/proftpd-for-ispconfig-3-tutorial-debian.52760/ on a standalone test server. had to make some changes to this part in ftp_user_edit.php $uid = $userinfo['uid']; $gid = $userinfo['gid']; to $uid = $app->db->quote($userinfo['uid']); $gid = $app->db->quote($userinfo['gid']); to get it to work, but you mention in there that: $userinfo = posix_getpwnam($web["system_user"]); won't work on a multi-server system, which is what I'm trying to set up. I'm more than happy to use pure-ftpd, but I can't get it working behind an haproxy load-balancer, I keep getting : Command: PORT 192,168,0,28,24,0 Response: 500 I won't open a connection to 84.45.154.103 (only to 192.168.51.2) Error: Failed to retrieve directory listing where 192.168.51.2 is the load-balancers internal ip. I'm unable to get past this problem with pure-ftpd, but proftpd works fine behind the same load balancer.
Thats most likely a passive port problem or a problem with the passive IP. See pure-ftpd config option PassivePortRange and ForcePassiveIP.
I've already created the files for those settings, file: ForcePassiveIP contents: 149.5.110.135 file: PassivePortRange contents: 6100 6200 haproxy listener: listenFTP bind149.5.110.135:21 mode tcp bind-process 1 option tcplog balance leastconn serverftp-01192.168.51.21:21send-proxy check iptables rules on the load balancer: -A PREROUTING -d149.5.110.135/32-p tcp -m tcp --dport 6100:6200 -j DNAT --to-destination 192.168.51.21 -A POSTROUTING -s192.168.51.21/32-j SNAT --to-source 149.5.110.135 proftpd.conf file relevant settings: DefaultAddress 192.168.51.21 PassivePorts 6100 6200 MasqueradeAddress 149.5.110.135 AllowForeignAddress on as I said, works with proftpd, doesn't with pure-ftpd, I can't find anything wrong in any of the configuration settings. this problem is the only thing stopping me taking the ispconfig setup live. the only other thing is the domain registration module, which would be nice to have already, but I can cope without that.
If you are sure all your ports are open and you are using Filezilla, try to use WinSCP. Sometimes this software does work.
ok, it's getting weird now. i'm not getting the same error as before, even though nothing's been changed. some context: i have 8 webservers, with apache, without pure-ftpd i have 2 ftp severs, with pure-ftpd, without apache. all are configured in ispconfig as webservers and fileservers (ftp) the ftp servers, and webservers 2-8 are configured as mirrors of webserver1. the webservers have the ip's 192.168.51.61-68 (eth1) the ftp servers have the ip's 192.168.51.21-22 (eth1) eth0 on all servers are 192.168.60.* mounting an ocfs2 partition from the iscsitarget 192.168.60.4 now when the ftp servers boot up, i keep seeing in /var/log/syslog Jun 22 14:36:01 ftp-02 pure-ftpd: (?@?) [ERROR] Unable to identify the local socket: Transport endpoint is not connected this repeats every 2 seconds. no idea how or why this is happening, there's nothing else using the ip/port. if i change the ip's of the ftp servers to 192.168.51.23-24 these messages stop. i've also tried removing the listener and iptables rules from the load balancer, which are the only things referencing these ip's, but that made no difference Jun 22 13:29:23 ftp-02 pure-ftpd: ([email protected]) [INFO] New connection from 192.168.40.151 Jun 22 13:29:26 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [user] [scl ] Jun 22 13:29:31 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [pass] [<*> ] Jun 22 13:29:35 ftp-02 pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [scl] now i just can't authenticate any users. i've tried logging in from in front of the load balancer, from the load balancer, from behind the load balancer, from one ftpserver to the other, from a vpn assigned ip. all the same: authentication failed. the server does have the user info though, from the dbispconfig database on ftp-02 (server_id: 21) ftp-01 contains the same data with server_id: 10 mysql> select * from dbispconfig.ftp_user\G *************************** 1. row *************************** ftp_user_id: 2 sys_userid: 1 sys_groupid: 2 sys_perm_user: riud sys_perm_group: riud sys_perm_other: server_id: 21 parent_domain_id: 3 username: scl username_prefix: password: $1$D7fEIGbo$qAJnWTmCRW1s2dbauXpe91 quota_size: -1 active: y uid: web3 gid: client1 dir: /var/www/clients/client1/web3 quota_files: -1 ul_ratio: -1 dl_ratio: -1 ul_bandwidth: -1 dl_bandwidth: -1 expires: 0000-00-00 00:00:00
ok. got somewhere now. it seems that not having apache installed on the ftp servers, even though ispconfig was told it was a webserver, it didn't create the settings in group and passwd. and the socket error was due to a rogue instance of haproxy still running on the load-balancer keeping a connection open. i can login now, i've tested over a vpn connection to the firewall, so i've connected directly to the ftp server on the 1st attempt, so i know the ftp server is working ok. the problem is connecting through the load balancer, 2nd set of logs below, the ftp server doesn't like the change in ip. so i can't get a data connection. the same load-balancer listener configuration works fine when using pro-ftpd as the ftp-server. D:\>ftp 192.168.51.22 Connected to 192.168.51.22. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 3 of 50 allowed. 220-Local time is now 15:25. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. User (192.168.51.22none)): scl_ftp 331 User scl_ftp OK. Password required Password: 230 OK. Current restricted directory is / ftp> ls 200 PORT command successful 150 Connecting to port 48667 . .. cgi-bin log private ssl tmp web webdav 226-Options: -a 226 9 matches total ftp: 53 bytes received in 0.03Seconds 1.77Kbytes/sec. Jun 23 15:25:17 ftp-02 pure-ftpd: ([email protected]) [INFO] New connection from 192.168.40.151 Jun 23 15:25:21 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [user] [scl_ftp] Jun 23 15:25:23 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [pass] [<*>] Jun 23 15:25:23 ftp-02 pure-ftpd: ([email protected]) [INFO] scl_ftp is now logged in Jun 23 15:25:26 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [port] [192,168,40,151,190,27] Jun 23 15:25:26 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [nlst] [] Jun 23 15:25:31 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [quit] [] Jun 23 15:25:31 ftp-02 pure-ftpd: ([email protected]) [INFO] Logout. D:\>ftp 149.5.110.135 Connected to 149.5.110.135. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 3 of 50 allowed. 220-Local time is now 15:26. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. User (149.5.110.135none)): scl_ftp 331 User scl_ftp OK. Password required Password: 230 OK. Current restricted directory is / ftp> ls 500 I won't open a connection to 192.168.40.151 (only to 192.168.51.2) 425 No data connection ftp> ftp> bye 221-Goodbye. You uploaded 0 and downloaded 0 kbytes. 221 Logout. Jun 23 15:26:26 ftp-02 pure-ftpd: ([email protected]) [INFO] New connection from 192.168.51.2 Jun 23 15:26:29 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [user] [scl_ftp] Jun 23 15:26:32 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [pass] [<*>] Jun 23 15:26:32 ftp-02 pure-ftpd: ([email protected]) [INFO] scl_ftp is now logged in Jun 23 15:26:36 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [port] [192,168,40,151,190,41] Jun 23 15:26:36 ftp-02 pure-ftpd: ([email protected]) [DEBUG] Command [nlst] []