FTP error, it isn't a passive server?

iltasu

FTP error, it isn't a passive server?

« on: December 12, 2006, 07:06:20 PM »

Hi all,
I'm trying to access the sme server from the internet via FTP, The sme server is behind a firewall, on the firewall I natted to the sme server ip a the ports 20 21 and the passiveports range 30000 - 30050 setted this range in the proftpd.conf template and xpanded it after that, I restarted the daemon with non errors.
When I try to connect from outside, using the ftp command line utility, I can login, I issue the passive command and it answers that passive mode is on, after that whichever command I issue (be it a ls, dir, mkdir...) the server answers:

500 The server returned invalid response for PASV command
Passive mode refused.

if I issue the ls command before issuing the passive command (is it in active?), I get:

500 Invalid PORT command.
ftp: bind: Address already in use

which I cannot really understand.

Here I paste the session:

rokepo@streamer:~$ ftp xxx.xxx.xxx.xxx
Connected to xxx.xxx.xxx.xxx.
220 yyy.yyy.yyy.yyy FTP server ready
Name (xxx.xxx.xxx.xxx:rokepo): aaaaaa
331 Password required for gtassoni.
Password:
230 User aaaaaa logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
500 Invalid PORT command.
ftp: bind: Address already in use
ftp> passive
Passive mode on.
ftp> ls
500 The server returned invalid response for PASV command.
Passive mode refused.
ftp> exit

Logged

iltasu

FTP error, it isn't a passive server?

« Reply #1 on: December 13, 2006, 03:53:37 PM »

Strangely enough from within the same network it works like a charm, it must be some firewall problem, but not mine firewall since I have both the rules to allow and to nat the PassiveRange ports.
I can't understand where is the dam....

Logged

cactus

4,880
+3/-0

FTP error, it isn't a passive server?

« Reply #2 on: December 13, 2006, 04:28:15 PM »

Quote from: "iltasu"

Strangely enough from within the same network it works like a charm, it must be some firewall problem, but not mine firewall since I have both the rules to allow and to nat the PassiveRange ports.
I can't understand where is the dam....

Isn't there some more detail in the log files? Perhaps /var/log/proftpd/*?

Logged

Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)

iltasu

FTP error, it isn't a passive server?

« Reply #3 on: December 13, 2006, 06:10:45 PM »

Quote from: "cactus"

Isn't there some more detail in the log files? Perhaps /var/log/proftpd/*?

Thank you for the reply, here is the log in the current file this is what get written when I issue
ftp xxx.xxx.xxx.xxx
I give username and password
issue an ls
and it answers:
500 Invalid PORT command.
ftp: bind: Address already in use

@40000000458032c614f015a4 tcpsvd: info: status 1/40
@40000000458032c614f0486c tcpsvd: info: pid 12384 from 85.18.163.114
@40000000458032c614f06f7c tcpsvd: info: concurrency 12384 85.18.163.114 1/4
@40000000458032c614f09a74 tcpsvd: info: start 12384 0:192.168.131.3 ::85.18.163.114:3152 ./peers/0

And if I issue (to enter passive mode, but I don't need it, I would be happy even in active mode):
passive
ls
and it answers:
500 The server returned invalid response for PASV command.
Passive mode refused.

Nothing got written to the log file. O_O

Thanks for the answers.

Logged