Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: cant access ftp

  1. #1

    cant access ftp

    Hi guys ;D

    well I have been trying to get proftpd to work and it does, when I access it from my home network but when I try from ourside I only get as far as asking for a username/password and after that nothing happens. I have also changed the port form 21 to 8021 (ISP blocks 21) I don't know why I can get gnump3d to work and a friend (same isp) was able to get a site up and running.

    so I have used dnydns and even specified the port and as ftp:// insted of http://.

    I am also behind a linksys router and I forewarded the ports to the right ip.

    TIA

  2. #2

    Re:cant access ftp

    If you nmap your box from outside, does the port appears open?

  3. #3
    Senior Member
    Join Date
    May 2001
    Posts
    411

    Re:cant access ftp

    Check out my post at http://www.linuxjunior.org/yabbse/in...threadid=10510.

    I can access proftpd from outside the firewall with no problems. Note that you need to open up a range of ports for passive FTP (e.g., 65000 to 65535) and use passive FTP on the client side.

  4. #4

    Re:cant access ftp

    hey, I tried that and I still doenst want to work I foreward all the ports in my router...i'll post my proftpd.conf in a bit when I get home.

  5. #5
    Senior Member
    Join Date
    May 2001
    Posts
    411

    Re:cant access ftp

    A quick way to find out if it's your router or your server that's not quite right, put your FTP box in the DMZ of your router. If that works, you don't have your router set up properly. If not, then your proftpd.conf or your FTP directories are not set up properly.

    Here is my proftpd.conf file (adjust to taste):

    # This is a basic ProFTPD configuration file (rename it to
    # 'proftpd.conf' for actual use. It establishes a single server
    # and a single anonymous login. It assumes that you have a user/group
    # "nobody" and "ftp" for normal operation and anon.
    ServerTypestandalone
    DefaultServeron

    # Allow FTP resuming.
    # Remember to set to off if you have an incoming ftp for upload.
    AllowStoreRestarton

    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask022

    # To prevent DoS attacks, set the maximum number of child processes
    # to 30. If you need to allow more than 30 concurrent connections
    # at once, simply increase this value. Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd).
    MaxInstances30

    # To cause every FTP user to be "jailed" (chrooted) into their home
    # directory, uncomment this line.
    #DefaultRoot ~

    # Normally, we want files to be overwriteable.
    AllowOverwriteon

    # Bar use of SITE CHMOD by default
    <Limit SITE_CHMOD>
    DenyAll
    </Limit>

    # Needed for NIS.

    PersistentPasswd off

    # A basic anonymous configuration, no upload directories.
    # Allow masquerading and use of port 8889 from Internet.
    MasqueradeAddressscubadoo.kicks-ass.org
    PassivePorts60000 65535
    Port8889

    <Anonymous ~ftp>
    Userftp
    Groupftp
    # We want clients to be able to login with "anonymous" as well as "ftp"
    UserAliasanonymous ftp

    # Limit the maximum number of anonymous logins
    MaxClients10

    # Don't make it require a valid password or shell.
    RequireValidShelloff
    AnonRequirePasswordoff

    # Limit WRITE everywhere in the anonymous chroot
    <Limit WRITE>
    DenyAll
    </Limit>
    </Anonymous>

  6. #6

    Re:cant access ftp

    Hi. I put it on the DMZ but I still cant get it to work.

    here is my proftpd.conf

    Code:
    #
    # /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
    # To really apply changes reload proftpd after modifications.
    # 
    
    ServerName"ImpactMusic"
    ServerTypestandalone
    DeferWelcomeoff
    
    MultilineRFC2228on
    DefaultServeron
    ShowSymlinkson
    
    TimeoutNoTransfer600
    TimeoutStalled600
    TimeoutIdle1200
    
    DisplayLogin                    welcome.msg
    DisplayFirstChdir               .message
    ListOptions                "-l"
    
    DenyFilter\*.*/
    
    # Uncomment this if you are using NIS or LDAP to retrieve passwords:
    #PersistentPasswdoff
    
    # Uncomment this if you would use TLS module:
    #TLSEngine on
    
    # Uncomment this if you would use quota module:
    #Quotason
    
    # Uncomment this if you would use ratio module:
    #Ratioson
    
    # Port 21 is the standard FTP port.
    Port8889
    MasqueradeAddress               192.168.1.102
    PassivePorts 60000 65535
    
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances30
    
    # Set the user and group that the server normally runs at.
    Usernobody
    Groupnogroup
    
    # Umask 022 is a good standard umask to prevent new files and dirs
    # (second parm) from being group and world writable.
    Umask022  022
    # Normally, we want files to be overwriteable.
    AllowOverwriteon
    
    # Delay engine reduces impact of the so-called Timing Attack described in
    # http://security.lss.hr/index.php?pag...LSS-2004-10-02
    # It is on by default. 
    #DelayEngine off
    
    # A basic anonymous configuration, no upload directories.
    
     <Anonymous ~ftp>
       Userftp
       Group        ftp
       # We want clients to be able to login with "anonymous" as well as "ftp"
       UserAliasanonymous ftp
       # Cosmetic changes, all files belongs to ftp user
       DirFakeUseron ftp
       DirFakeGroup on ftp
     
       RequireValidShelloff
     
       # Limit the maximum number of anonymous logins
       MaxClients10
     
       # We want 'welcome.msg' displayed at login, and '.message' displayed
       # in each newly chdired directory.
       DisplayLoginwelcome.msg
       DisplayFirstChdir.message
     
       # Limit WRITE everywhere in the anonymous chroot
       <Directory *>
         <Limit WRITE>
           DenyAll
         </Limit>
       </Directory>
     
    #   # Uncomment this if you're brave.
    #   # <Directory incoming>
    #   #   # Umask 022 is a good standard umask to prevent new files and dirs
    #   #   # (second parm) from being group and world writable.
    #   #   Umask022  022
    #   #            <Limit READ WRITE>
    #   #            DenyAll
    #   #            </Limit>
    #   #            <Limit STOR>
    #   #            AllowAll
    #   #            </Limit>
    #   # </Directory>
    # 
    # </Anonymous>
    #<Global>
    #DefaultChdir /home/ftp
    #DefaultRoot /home/ftp
    #ShowSymlinks off
    #LoginPasswordPrompt off
    #</Global>
    #<Anonymous /home/ftp>
    #User ftp
    #UserAlias anonymous ftp
    #Group ftp
    #DefaultChdir /home/michael/music
    #DeleteAbortedStores on
    #</Anonymous>

  7. #7
    Senior Member
    Join Date
    May 2001
    Posts
    411

    Re:cant access ftp

    Your masquerade address is wrong. You want the public IP address, not the private one. Use dnsdyn.org to create a public URL that maps to your public IP address so you don't have to memorize the IP address string.

    Also, double check the virtual server settings in your router to make sure you've mapped the ports to your 192.168.0.102 machine. Are you using 8889 or 8021 for FTP? It's also important to make sure you've opened up the range for passive FTP (e.g., 65000 to 65535). Can you post a screen shot of your virtual server settings?

    Try using my proftpd.conf file instead of yours and make sure the virtual server settings line up.

  8. #8

    Re:cant access ftp

    oh ok...well I changed it to so my dnydns one now

    here is a screenshot
    http://www3.telus.net/ra11le/Screenshot.png

    also after changing to your .conf file I can't access it from inside my network now :-\

  9. #9
    Senior Member
    Join Date
    May 2001
    Posts
    411

    Re:cant access ftp

    I'm not familiar with Linksys routers, but don't you need to check the box in the far right column to open up the ports from 60000 to 65535?

    Also, if you follow the instructions at http://www.linuxjunior.org/yabbse/in...threadid=10510, you will not be able to access your FTP server from inside the firewall. But, that shouldn't be a problem because you can access your FTP directories directly from any LAN box using Samba or NFS. Or, you can always access the FTP server via the Internet like the public does.

    When you tried my proftpd.conf file, did you put your FTP box in the DMZ of your router?

  10. #10

    Re:cant access ftp

    well it does work outside of the network. but in IE I get an error...I guess its an error.

    "An error occurred opening that folder on the FTP server. Make sure you have permission to access that folder.

    Details:
    200 Type ser to A
    500 Illegal PORT command
    500 LPRT not understood"

    I don't know about firefox since it doesnt want to work on this current linux and XP box. but it works GREAT in konqueror.

Similar Threads

  1. Can't Access LAN Web Server
    By omnivore in forum Linux - General Topics
    Replies: 3
    Last Post: 01-21-2005, 06:08 AM
  2. problems with irc access
    By Bogler in forum Linux - Hardware, Networking & Security
    Replies: 4
    Last Post: 12-18-2002, 05:15 PM
  3. Cant access internet
    By chipset35 in forum Linux - Hardware, Networking & Security
    Replies: 8
    Last Post: 07-15-2002, 03:22 PM
  4. Cd access after RH 6 install
    By PatC in forum Redhat / Fedora
    Replies: 0
    Last Post: 06-26-2002, 11:39 PM
  5. Access Denied
    By NewGuy in forum Linux - General Topics
    Replies: 3
    Last Post: 06-09-2002, 07:32 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •