Running ProFTPd behind firewall

[hinge]

Hi,

Please see if you can help me on some of the mysteries below - thanks.

I am setting up an ftp server using :
.linux mandrake 10.1
.Proftp

I have a Belkin wireless dsl router.
I have a couple of windows based computers on the inside of the firewall along with the linux server.
My internal network is running on 192.168.2.X
The linux server has a static IP outside the DHCP pool (192.168.2.101)
My firewall has port forwarding on:
port 20-21 to 192.168.2.101 port 20-21

first, what does work ;
I have a samba server that works fine - all windows computers can connect to the samba shares. (great!!)
From a explorer on the inside of the firewall I can connect to the ftp server by writing:
ftp://192.168.2.101

What does not work :shock: ;
If I try to connect to the ftp server from the outside by typing the static IP supplied by my ISP (say ftp://83.56.2.412 - not my actual address) - I get an error message saying:

"A connection with the server could not be established"

What I don't get :?: ;
After searching and reading the web I don't really understand how to set up my firewall for passive or active ftp. That's why I opened both 20 and 21.
Is passive or active mode something that I set on my server or the client - I think it is the client right ?
If it is the client then how do I change that for windows and linux ?
If it is the server that how do I change that for proftpd ?
I want to use active ftp when running behind a firewall - right ?

[LinuxFreak]

Dear hinge,
Hello,

Double check that you allowed Outside traffic to your Server.

<Internet Cloud> ---------- <Firewall> ----------- <Linux Machine> ---------- <Local LAN>

Best Regards.

[hinge]

My firewall is set up like this:
inbound port: 20-21; private IP address: 192.168.2.101; private port: 20-21.

Isn't that the way it should be ?

[LinuxFreak]

Dear hinge,
Hello,

Your Firewall Rules Look Like:

# iptables -I INPUT -p tcp --dport 20:21 -j ACCEPT

Best Regards.

[hinge]

YES!!

I worked it out myself....great feeling.
If anybody has got the same problem - here is the solution:

I thought my problem was with the firewall - it wasn't.

I checked my log and found the message:

Code:

Apr 19 08:08:16 192 proftpd[3813]: 192.168.2.1 - Failed binding to 0.0.0.0, port 21: Address already in use 
Apr 19 08:08:16 192 proftpd[3813]: 192.168.2.1 - Check the ServerType directive to ensure you are configured correctly.

After googling a bit I found my problem was that I had an other service already listening to port 21.

This command

Code:

sudo netstat -pant

told me that that other command was xinetd version of proftpd (is it correct to phrase it like that ??).
After disabling that my FTP server is running perfectly.


I love Linux - go home Bill

[LinuxFreak]

Dear hinge,
Hello,

Then how come you said that FTP is working fine ?

BTW Congrats

Best Regards.

[hinge]

What do you mean ??

Then how come you said that FTP is working fine ?

[LinuxFreak]

Dear hinge,
Hello,

Just Restart your FTP Server

# /etc/rc.d/init.d/vsftpd restart

Best Regards.