Dead in the Water due to FTP Issues

feldon27 · Jan 5, 2015

I had no trouble with FTP on my server until about 3 weeks ago. Now I cannot connect with either Active or Passive.

Here's what FileZilla says:

Code:

Status:	Resolving address of *********.com
Status:	Connecting to 67.23.252.182:21...
Status:	Connection established, waiting for welcome message...
Response:	220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response:	220-You are user number 1 of 50 allowed.
Response:	220-Local time is now 11:19. Server port: 21.
Response:	220-This is a private system - No anonymous login
Response:	220-IPv6 connections are also welcome on this server.
Response:	220 You will be disconnected after 15 minutes of inactivity.
Command:	USER ******
Response:	331 User ****** OK. Password required
Command:	PASS ******
Response:	230 OK. Current restricted directory is /
Command:	SYST
Response:	215 UNIX Type: L8
Command:	FEAT
Response:	211-Extensions supported:
Response:	 EPRT
Response:	 IDLE
Response:	 MDTM
Response:	 SIZE
Response:	 MFMT
Response:	 REST STREAM
Response:	 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response:	 MLSD
Response:	 AUTH TLS
Response:	 PBSZ
Response:	 PROT
Response:	 TVFS
Response:	 ESTA
Response:	 PASV
Response:	 EPSV
Response:	 SPSV
Response:	 ESTP
Response:	211 End.
Status:	Server does not support non-ASCII characters.
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is your current location
Command:	TYPE I
Response:	200 TYPE is now 8-bit binary
Command:	PORT 10,130,78,128,238,184
Response:	200 PORT command successful
Command:	MLSD
Response:	150 Connecting to port 61112
Response:	226-Options: -a -l 
Response:	226 43 matches total
Error:	Connection timed out
Error:	Failed to retrieve directory listing

Here's what FTPTest.net says:

Code:

Error: Connection timed out
Timeouts are usually caused by some router and/or firewall that is interrupting the connection.
Try uninstalling all firewalls and plug your computer directly into your modem, thus bypassing the router.

in /etc/pure-ftpd.conf, I've got:

Code:

# Port range for passive connections replies. - for firewalling.
PassivePortRange 49152 65534

In /etc/csf/csf.conf, I've got:

Code:

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,1818,2077,2078,2082,2083,2086,2087,2095,2096,1157,8139,49152:65534"

In /etc/sysconfig/iptables-config, I've got:

Code:

IPTABLES_MODULES="ip_conntrack_netbios_ns ip_conntrack_ftp"

I've run "rm -f /var/cpanel/conf/pureftpd/main.cache"
I've run "modprobe ip_conntrack_ftp".
I've restarted pureftpd, csf, and iptables many times.

My iptables are:

Code:

Chain INPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1     315K   37M acctboth   all  --  *      *       0.0.0.0/0            0.0.0.0/0           
2        0     0 ACCEPT     tcp  --  !lo    *       66.7.207.2           0.0.0.0/0           tcp dpt:53 
3        0     0 ACCEPT     udp  --  !lo    *       66.7.207.2           0.0.0.0/0           udp dpt:53 
4        0     0 ACCEPT     tcp  --  !lo    *       66.7.207.2           0.0.0.0/0           tcp spt:53 
5       54  4318 ACCEPT     udp  --  !lo    *       66.7.207.2           0.0.0.0/0           udp spt:53 
6        0     0 ACCEPT     tcp  --  !lo    *       66.7.206.2           0.0.0.0/0           tcp dpt:53 
7        0     0 ACCEPT     udp  --  !lo    *       66.7.206.2           0.0.0.0/0           udp dpt:53 
8        0     0 ACCEPT     tcp  --  !lo    *       66.7.206.2           0.0.0.0/0           tcp spt:53 
9     1968  289K ACCEPT     udp  --  !lo    *       66.7.206.2           0.0.0.0/0           udp spt:53 
10    312K   35M LOCALINPUT  all  --  !lo    *       0.0.0.0/0            0.0.0.0/0           
11     698 1354K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
12    303K   34M INVALID    tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           
13    296K   33M ACCEPT     all  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
14       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:20 
15       6   312 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21 
16       9   360 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
17     147  7620 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25 
18       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53 
19    7626  421K ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80 
20       2   104 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:110 
21       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:143 
22       7   400 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443 
23       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:465 
24       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:587 
25       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:993 
26       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:995 
27       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:1818 
28       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2077 
29       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2078 
30       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2082 
31       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2083 
32       6   308 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2086 
33       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2087 
34       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2095 
35       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2096 
36       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:1157 
37       0     0 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8139 
38       0     0 ACCEPT     udp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:20 
39       0     0 ACCEPT     udp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:21 
40    4974  362K ACCEPT     udp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53 
41      17  1326 ACCEPT     icmp --  !lo    *       0.0.0.0/0            0.0.0.0/0           icmp type 8 limit: avg 1/sec burst 5 
42       0     0 ACCEPT     icmp --  !lo    *       0.0.0.0/0            0.0.0.0/0           icmp type 0 limit: avg 1/sec burst 5 
43       0     0 ACCEPT     icmp --  !lo    *       0.0.0.0/0            0.0.0.0/0           icmp type 11 
44       5   888 ACCEPT     icmp --  !lo    *       0.0.0.0/0            0.0.0.0/0           icmp type 3 
45    1697  865K LOGDROPIN  all  --  !lo    *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1     561K  759M acctboth   all  --  *      *       0.0.0.0/0            0.0.0.0/0           
2        0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            66.7.207.2          tcp dpt:53 
3       54  4184 ACCEPT     udp  --  *      !lo     0.0.0.0/0            66.7.207.2          udp dpt:53 
4        0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            66.7.207.2          tcp spt:53 
5        0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            66.7.207.2          udp spt:53 
6        0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            66.7.206.2          tcp dpt:53 
7     1965  147K ACCEPT     udp  --  *      !lo     0.0.0.0/0            66.7.206.2          udp dpt:53 
8        0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            66.7.206.2          tcp spt:53 
9        0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            66.7.206.2          udp spt:53 
10    558K  757M LOCALOUTPUT  all  --  *      !lo     0.0.0.0/0            0.0.0.0/0           
11       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           tcp dpt:53 
12       0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           udp dpt:53 
13       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           tcp spt:53 
14    4981  790K ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           udp spt:53 
15       0     0 ACCEPT     tcp  --  *      lo      0.0.0.0/0            0.0.0.0/0           tcp dpt:26 
16       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:26 OWNER GID match 32002 
17       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:26 OWNER GID match 12 
18       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:26 OWNER UID match 32001 
19       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:26 OWNER UID match 0 
20       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:26 
21       0     0 ACCEPT     tcp  --  *      lo      0.0.0.0/0            0.0.0.0/0           tcp dpt:25 
22       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25 OWNER GID match 32002 
23     423  103K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25 OWNER GID match 12 
24       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25 OWNER UID match 32001 
25       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25 OWNER UID match 0 
26     175  8476 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25 
27     698 1354K ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0           
28    552K  756M INVALID    tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           
29    551K  756M ACCEPT     all  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
30       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:20 
31       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21 
32       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
33       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25 
34       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:37 
35       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:43 
36       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53 
37     999 59940 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80 
38       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:110 
39       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:113 
40       3   180 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443 
41       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:587 
42       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:873 
43       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:1818 
44       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2087 
45       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2089 
46      38  2280 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2703 
47       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:1157 
48       0     0 ACCEPT     tcp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8140 
49       0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:20 
50       0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:21 
51       0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53 
52       0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:113 
53       0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:123 
54       0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:873 
55       0     0 ACCEPT     udp  --  *      !lo     0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:6277 
56       0     0 ACCEPT     icmp --  *      !lo     0.0.0.0/0            0.0.0.0/0           icmp type 0 
57       0     0 ACCEPT     icmp --  *      !lo     0.0.0.0/0            0.0.0.0/0           icmp type 8 
58       0     0 ACCEPT     icmp --  *      !lo     0.0.0.0/0            0.0.0.0/0           icmp type 11 
59       0     0 ACCEPT     icmp --  *      !lo     0.0.0.0/0            0.0.0.0/0           icmp type 3 
60       0     0 DROP       all  --  *      !lo     0.0.0.0/0            0.0.0.0/0           

Chain ALLOWIN (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 ACCEPT     all  --  !lo    *       67.23.232.183        0.0.0.0/0           
2        0     0 ACCEPT     all  --  !lo    *       72.29.94.41          0.0.0.0/0           
3        0     0 ACCEPT     all  --  !lo    *       64.128.130.214       0.0.0.0/0           
4        0     0 ACCEPT     all  --  !lo    *       72.29.91.47          0.0.0.0/0           
5        0     0 ACCEPT     all  --  !lo    *       72.29.65.8           0.0.0.0/0           
6        0     0 ACCEPT     all  --  !lo    *       72.29.79.52          0.0.0.0/0           
7      613 34150 ACCEPT     all  --  !lo    *       72.29.79.51          0.0.0.0/0           
8        0     0 ACCEPT     all  --  !lo    *       72.29.95.172         0.0.0.0/0           
9        0     0 ACCEPT     all  --  !lo    *       72.29.95.155         0.0.0.0/0           
10       0     0 ACCEPT     all  --  !lo    *       72.29.91.42          0.0.0.0/0           
11       0     0 ACCEPT     all  --  !lo    *       72.29.91.30          0.0.0.0/0           
12       0     0 ACCEPT     all  --  !lo    *       72.29.76.254         0.0.0.0/0           
13       0     0 ACCEPT     all  --  !lo    *       72.29.72.130         0.0.0.0/0           

Chain ALLOWOUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            67.23.232.183       
2        0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.94.41         
3        0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            64.128.130.214      
4        0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.91.47         
5        0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.65.8          
6        0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.79.52         
7      398 47464 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.79.51         
8        0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.95.172        
9        0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.95.155        
10       0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.91.42         
11       0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.91.30         
12       0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.76.254        
13       0     0 ACCEPT     all  --  *      !lo     0.0.0.0/0            72.29.72.130        

Chain DENYIN (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 DROP       all  --  !lo    *       61.160.247.182       0.0.0.0/0           
2        0     0 DROP       all  --  !lo    *       61.147.110.68        0.0.0.0/0           
3        0     0 DROP       all  --  !lo    *       61.147.110.19        0.0.0.0/0           
4        0     0 DROP       all  --  !lo    *       61.147.110.3         0.0.0.0/0           
5        0     0 DROP       all  --  !lo    *       61.147.110.21        0.0.0.0/0           
6        0     0 DROP       all  --  !lo    *       60.169.78.117        0.0.0.0/0           
7        0     0 DROP       all  --  !lo    *       173.165.90.117       0.0.0.0/0           
8        0     0 DROP       all  --  !lo    *       116.205.21.130       0.0.0.0/0           
9        0     0 DROP       all  --  !lo    *       222.186.23.31        0.0.0.0/0           
10       0     0 DROP       all  --  !lo    *       41.0.68.142          0.0.0.0/0           
11       0     0 DROP       all  --  !lo    *       200.98.148.143       0.0.0.0/0           
12       0     0 DROP       all  --  !lo    *       42.228.8.196         0.0.0.0/0           
13       0     0 DROP       all  --  !lo    *       31.163.60.19         0.0.0.0/0           
14       0     0 DROP       all  --  !lo    *       74.63.200.36         0.0.0.0/0           
15       0     0 DROP       all  --  !lo    *       176.14.13.118        0.0.0.0/0           
16       0     0 DROP       all  --  !lo    *       89.249.78.79         0.0.0.0/0           
17       0     0 DROP       all  --  !lo    *       217.171.180.38       0.0.0.0/0           
18       0     0 DROP       all  --  !lo    *       68.189.127.2         0.0.0.0/0           
19       0     0 DROP       all  --  !lo    *       81.137.183.153       0.0.0.0/0           
20       0     0 DROP       all  --  !lo    *       173.14.48.145        0.0.0.0/0           
21       0     0 DROP       all  --  !lo    *       189.109.208.114      0.0.0.0/0           
22       0     0 DROP       tcp  --  !lo    *       86.47.96.76          0.0.0.0/0           tcp dpt:25 
23       0     0 DROP       tcp  --  !lo    *       86.47.96.76          0.0.0.0/0           tcp dpt:465 
24       0     0 DROP       tcp  --  !lo    *       86.47.96.76          0.0.0.0/0           tcp dpt:587 
25       0     0 DROP       all  --  !lo    *       112.209.142.244      0.0.0.0/0           
26       0     0 DROP       all  --  !lo    *       181.196.252.226      0.0.0.0/0           
27       0     0 DROP       all  --  !lo    *       93.174.95.55         0.0.0.0/0           
28       0     0 DROP       all  --  !lo    *       50.80.195.250        0.0.0.0/0           
29       0     0 DROP       all  --  !lo    *       187.40.91.66         0.0.0.0/0           
30       0     0 DROP       all  --  !lo    *       190.233.50.57        0.0.0.0/0           
31       0     0 DROP       all  --  !lo    *       61.160.222.91        0.0.0.0/0           
32       0     0 DROP       all  --  !lo    *       60.169.74.208        0.0.0.0/0           
33       0     0 DROP       all  --  !lo    *       61.160.207.219       0.0.0.0/0           
34       0     0 DROP       all  --  !lo    *       61.160.215.72        0.0.0.0/0           
35       0     0 DROP       all  --  !lo    *       175.44.4.143         0.0.0.0/0           
36       0     0 DROP       all  --  !lo    *       68.115.215.90        0.0.0.0/0           
37       0     0 DROP       all  --  !lo    *       85.214.255.171       0.0.0.0/0           
38       0     0 DROP       all  --  !lo    *       176.61.138.103       0.0.0.0/0           
39       0     0 DROP       all  --  !lo    *       173.208.168.194      0.0.0.0/0           
40       0     0 DROP       all  --  !lo    *       175.44.5.91          0.0.0.0/0           
41       0     0 DROP       tcp  --  !lo    *       176.31.218.185       0.0.0.0/0           tcp dpt:80 
42       0     0 DROP       tcp  --  !lo    *       176.31.218.185       0.0.0.0/0           tcp dpt:443 
43     208 15356 DROP       tcp  --  !lo    *       5.196.5.116          0.0.0.0/0           tcp dpt:80 
44       0     0 DROP       tcp  --  !lo    *       5.196.5.116          0.0.0.0/0           tcp dpt:443 
45      88  5280 DROP       tcp  --  !lo    *       37.59.120.214        0.0.0.0/0           tcp dpt:80 
46       0     0 DROP       tcp  --  !lo    *       37.59.120.214        0.0.0.0/0           tcp dpt:443 
47       8   480 DROP       tcp  --  !lo    *       80.82.70.104         0.0.0.0/0           tcp dpt:80 
48       0     0 DROP       tcp  --  !lo    *       80.82.70.104         0.0.0.0/0           tcp dpt:443 
49      24  4240 DROP       tcp  --  !lo    *       93.174.93.61         0.0.0.0/0           tcp dpt:80 
50       0     0 DROP       tcp  --  !lo    *       93.174.93.61         0.0.0.0/0           tcp dpt:443 
51      20  1200 DROP       tcp  --  !lo    *       80.82.64.229         0.0.0.0/0           tcp dpt:80 
52       0     0 DROP       tcp  --  !lo    *       80.82.64.229         0.0.0.0/0           tcp dpt:443 
53       0     0 DROP       tcp  --  !lo    *       88.232.11.223        0.0.0.0/0           tcp dpt:80 
54       0     0 DROP       tcp  --  !lo    *       88.232.11.223        0.0.0.0/0           tcp dpt:443 
55       0     0 DROP       tcp  --  !lo    *       88.232.1.56          0.0.0.0/0           tcp dpt:80 
56       0     0 DROP       tcp  --  !lo    *       88.232.1.56          0.0.0.0/0           tcp dpt:443 
57       0     0 DROP       tcp  --  !lo    *       92.63.88.76          0.0.0.0/0           tcp dpt:80 
58       0     0 DROP       tcp  --  !lo    *       92.63.88.76          0.0.0.0/0           tcp dpt:443 
59       0     0 DROP       tcp  --  !lo    *       88.232.24.189        0.0.0.0/0           tcp dpt:80 
60       0     0 DROP       tcp  --  !lo    *       88.232.24.189        0.0.0.0/0           tcp dpt:443 
61       0     0 DROP       tcp  --  !lo    *       88.232.15.165        0.0.0.0/0           tcp dpt:80 
62       0     0 DROP       tcp  --  !lo    *       88.232.15.165        0.0.0.0/0           tcp dpt:443 
63       0     0 DROP       tcp  --  !lo    *       197.80.245.27        0.0.0.0/0           tcp dpt:80 
64       0     0 DROP       tcp  --  !lo    *       197.80.245.27        0.0.0.0/0           tcp dpt:443 
65       0     0 DROP       tcp  --  !lo    *       92.63.87.10          0.0.0.0/0           tcp dpt:80 
66       0     0 DROP       tcp  --  !lo    *       92.63.87.10          0.0.0.0/0           tcp dpt:443 
67       0     0 DROP       tcp  --  !lo    *       92.63.87.9           0.0.0.0/0           tcp dpt:80 
68       0     0 DROP       tcp  --  !lo    *       92.63.87.9           0.0.0.0/0           tcp dpt:443 
69       0     0 DROP       tcp  --  !lo    *       195.174.244.164      0.0.0.0/0           tcp dpt:80 
70       0     0 DROP       tcp  --  !lo    *       195.174.244.164      0.0.0.0/0           tcp dpt:443 
71       0     0 DROP       tcp  --  !lo    *       88.234.132.24        0.0.0.0/0           tcp dpt:80 
72       0     0 DROP       tcp  --  !lo    *       88.234.132.24        0.0.0.0/0           tcp dpt:443 
73       0     0 DROP       tcp  --  !lo    *       46.107.230.119       0.0.0.0/0           tcp dpt:20 
74       0     0 DROP       tcp  --  !lo    *       46.107.230.119       0.0.0.0/0           tcp dpt:21 

Chain DENYOUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 DROP       all  --  *      !lo     0.0.0.0/0            61.160.247.182      
2        0     0 DROP       all  --  *      !lo     0.0.0.0/0            61.147.110.68       
3        0     0 DROP       all  --  *      !lo     0.0.0.0/0            61.147.110.19       
4        0     0 DROP       all  --  *      !lo     0.0.0.0/0            61.147.110.3        
5        0     0 DROP       all  --  *      !lo     0.0.0.0/0            61.147.110.21       
6        0     0 DROP       all  --  *      !lo     0.0.0.0/0            60.169.78.117       
7        0     0 DROP       all  --  *      !lo     0.0.0.0/0            173.165.90.117      
8        0     0 DROP       all  --  *      !lo     0.0.0.0/0            116.205.21.130      
9        0     0 DROP       all  --  *      !lo     0.0.0.0/0            222.186.23.31       
10       0     0 DROP       all  --  *      !lo     0.0.0.0/0            41.0.68.142         
11       0     0 DROP       all  --  *      !lo     0.0.0.0/0            200.98.148.143      
12       0     0 DROP       all  --  *      !lo     0.0.0.0/0            42.228.8.196        
13       0     0 DROP       all  --  *      !lo     0.0.0.0/0            31.163.60.19        
14       0     0 DROP       all  --  *      !lo     0.0.0.0/0            74.63.200.36        
15       0     0 DROP       all  --  *      !lo     0.0.0.0/0            176.14.13.118       
16       0     0 DROP       all  --  *      !lo     0.0.0.0/0            89.249.78.79        
17       0     0 DROP       all  --  *      !lo     0.0.0.0/0            217.171.180.38      
18       0     0 DROP       all  --  *      !lo     0.0.0.0/0            68.189.127.2        
19       0     0 DROP       all  --  *      !lo     0.0.0.0/0            81.137.183.153      
20       0     0 DROP       all  --  *      !lo     0.0.0.0/0            173.14.48.145       
21       0     0 DROP       all  --  *      !lo     0.0.0.0/0            189.109.208.114     
22       0     0 DROP       all  --  *      !lo     0.0.0.0/0            112.209.142.244     
23       0     0 DROP       all  --  *      !lo     0.0.0.0/0            181.196.252.226     
24       0     0 DROP       all  --  *      !lo     0.0.0.0/0            93.174.95.55        
25       0     0 DROP       all  --  *      !lo     0.0.0.0/0            50.80.195.250       
26       0     0 DROP       all  --  *      !lo     0.0.0.0/0            187.40.91.66        
27       0     0 DROP       all  --  *      !lo     0.0.0.0/0            190.233.50.57       
28       0     0 DROP       all  --  *      !lo     0.0.0.0/0            61.160.222.91       
29       0     0 DROP       all  --  *      !lo     0.0.0.0/0            60.169.74.208       
30       0     0 DROP       all  --  *      !lo     0.0.0.0/0            61.160.207.219      
31       0     0 DROP       all  --  *      !lo     0.0.0.0/0            61.160.215.72       
32       0     0 DROP       all  --  *      !lo     0.0.0.0/0            175.44.4.143        
33       0     0 DROP       all  --  *      !lo     0.0.0.0/0            68.115.215.90       
34       0     0 DROP       all  --  *      !lo     0.0.0.0/0            85.214.255.171      
35       0     0 DROP       all  --  *      !lo     0.0.0.0/0            176.61.138.103      
36       0     0 DROP       all  --  *      !lo     0.0.0.0/0            173.208.168.194     
37       0     0 DROP       all  --  *      !lo     0.0.0.0/0            175.44.5.91         

Chain INVALID (2 references)
num   pkts bytes target     prot opt in     out     source               destination         
1      265 15591 INVDROP    all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID 
2        0     0 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x00 
3        0     0 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x3F 
4        0     0 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x03/0x03 
5        0     0 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x06 
6        0     0 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x05/0x05 
7        0     0 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x11/0x01 
8        0     0 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x18/0x08 
9        0     0 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x30/0x20 
10      27 12216 INVDROP    tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW 

Chain INVDROP (10 references)
num   pkts bytes target     prot opt in     out     source               destination         
1      292 27807 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain LOCALINPUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1     312K   35M ALLOWIN    all  --  !lo    *       0.0.0.0/0            0.0.0.0/0           
2     311K   35M DENYIN     all  --  !lo    *       0.0.0.0/0            0.0.0.0/0           

Chain LOCALOUTPUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1     558K  757M ALLOWOUT   all  --  *      !lo     0.0.0.0/0            0.0.0.0/0           
2     558K  757M DENYOUT    all  --  *      !lo     0.0.0.0/0            0.0.0.0/0           

Chain LOGDROPIN (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:67 
2     1329  766K DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:67 
3        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:68 
4        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:68 
5        1    40 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:111 
6        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:111 
7        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:113 
8        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:113 
9        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpts:135:139 
10      51  5193 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpts:135:139 
11       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:445 
12       0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:445 
13       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:513 
14       0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:513 
15       0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:520 
16       0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:520 
17      13   680 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* ' 
18     251 78945 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* ' 
19       0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* ' 
20     316 93877 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain LOGDROPOUT (0 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *TCP_OUT Blocked* ' 
2        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *UDP_OUT Blocked* ' 
3        0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *ICMP_OUT Blocked* ' 
4        0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain acctboth (2 references)
num   pkts bytes target     prot opt in     out     source               destination         
1     8775  721K            tcp  --  !lo    *       67.23.252.182        0.0.0.0/0           tcp dpt:80 
2     8992 6125K            tcp  --  !lo    *       0.0.0.0/0            67.23.252.182       tcp spt:80 
3      598  112K            tcp  --  !lo    *       67.23.252.182        0.0.0.0/0           tcp dpt:25 
4      605  144K            tcp  --  !lo    *       0.0.0.0/0            67.23.252.182       tcp spt:25 
5        0     0            tcp  --  !lo    *       67.23.252.182        0.0.0.0/0           tcp dpt:110 
6        0     0            tcp  --  !lo    *       0.0.0.0/0            67.23.252.182       tcp spt:110 
7       40  3857            icmp --  !lo    *       67.23.252.182        0.0.0.0/0           
8       30  2418            icmp --  !lo    *       0.0.0.0/0            67.23.252.182       
9     554K  758M            tcp  --  !lo    *       67.23.252.182        0.0.0.0/0           
10    304K   35M            tcp  --  !lo    *       0.0.0.0/0            67.23.252.182       
11    2019  151K            udp  --  !lo    *       67.23.252.182        0.0.0.0/0           
12    2024  295K            udp  --  !lo    *       0.0.0.0/0            67.23.252.182       
13    556K  758M            all  --  !lo    *       67.23.252.182        0.0.0.0/0           
14    306K   35M            all  --  !lo    *       0.0.0.0/0            67.23.252.182       
15       0     0            tcp  --  !lo    *       67.23.252.183        0.0.0.0/0           tcp dpt:80 
16       0     0            tcp  --  !lo    *       0.0.0.0/0            67.23.252.183       tcp spt:80 
17       0     0            tcp  --  !lo    *       67.23.252.183        0.0.0.0/0           tcp dpt:25 
18       0     0            tcp  --  !lo    *       0.0.0.0/0            67.23.252.183       tcp spt:25 
19       0     0            tcp  --  !lo    *       67.23.252.183        0.0.0.0/0           tcp dpt:110 
20       0     0            tcp  --  !lo    *       0.0.0.0/0            67.23.252.183       tcp spt:110 
21       0     0            icmp --  !lo    *       67.23.252.183        0.0.0.0/0           
22     889  144K            icmp --  !lo    *       0.0.0.0/0            67.23.252.183       
23      22  2146            tcp  --  !lo    *       67.23.252.183        0.0.0.0/0           
24      32  2187            tcp  --  !lo    *       0.0.0.0/0            67.23.252.183       
25    2526  401K            udp  --  !lo    *       67.23.252.183        0.0.0.0/0           
26    2526  184K            udp  --  !lo    *       0.0.0.0/0            67.23.252.183       
27    2548  403K            all  --  !lo    *       67.23.252.183        0.0.0.0/0           
28    3447  330K            all  --  !lo    *       0.0.0.0/0            67.23.252.183       
29       0     0            tcp  --  !lo    *       64.37.54.211         0.0.0.0/0           tcp dpt:80 
30       0     0            tcp  --  !lo    *       0.0.0.0/0            64.37.54.211        tcp spt:80 
31       0     0            tcp  --  !lo    *       64.37.54.211         0.0.0.0/0           tcp dpt:25 
32       0     0            tcp  --  !lo    *       0.0.0.0/0            64.37.54.211        tcp spt:25 
33       0     0            tcp  --  !lo    *       64.37.54.211         0.0.0.0/0           tcp dpt:110 
34       0     0            tcp  --  !lo    *       0.0.0.0/0            64.37.54.211        tcp spt:110 
35       0     0            icmp --  !lo    *       64.37.54.211         0.0.0.0/0           
36     879  141K            icmp --  !lo    *       0.0.0.0/0            64.37.54.211        
37       2    80            tcp  --  !lo    *       64.37.54.211         0.0.0.0/0           
38       3   140            tcp  --  !lo    *       0.0.0.0/0            64.37.54.211        
39    2455  390K            udp  --  !lo    *       64.37.54.211         0.0.0.0/0           
40    2455  178K            udp  --  !lo    *       0.0.0.0/0            64.37.54.211        
41    2457  390K            all  --  !lo    *       64.37.54.211         0.0.0.0/0           
42    3337  320K            all  --  !lo    *       0.0.0.0/0            64.37.54.211        
43       0     0            tcp  --  !lo    *       64.37.54.212         0.0.0.0/0           tcp dpt:80 
44       0     0            tcp  --  !lo    *       0.0.0.0/0            64.37.54.212        tcp spt:80 
45       0     0            tcp  --  !lo    *       64.37.54.212         0.0.0.0/0           tcp dpt:25 
46       0     0            tcp  --  !lo    *       0.0.0.0/0            64.37.54.212        tcp spt:25 
47       0     0            tcp  --  !lo    *       64.37.54.212         0.0.0.0/0           tcp dpt:110 
48       0     0            tcp  --  !lo    *       0.0.0.0/0            64.37.54.212        tcp spt:110 
49       0     0            icmp --  !lo    *       64.37.54.212         0.0.0.0/0           
50       0     0            icmp --  !lo    *       0.0.0.0/0            64.37.54.212        
51      14 13736            tcp  --  !lo    *       64.37.54.212         0.0.0.0/0           
52      20   982            tcp  --  !lo    *       0.0.0.0/0            64.37.54.212        
53       0     0            udp  --  !lo    *       64.37.54.212         0.0.0.0/0           
54       1    74            udp  --  !lo    *       0.0.0.0/0            64.37.54.212        
55      14 13736            all  --  !lo    *       64.37.54.212         0.0.0.0/0           
56      21  1056            all  --  !lo    *       0.0.0.0/0            64.37.54.212        
57    875K  794M            all  --  !lo    *       0.0.0.0/0            0.0.0.0/0           

Chain PREROUTING (policy ACCEPT 15553 packets, 1100K bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 2446 packets, 160K bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 2453 packets, 171K bytes)
num   pkts bytes target     prot opt in     out     source               destination

I've added my IP address at the top of Host Access Control with a setting of allow "ALL".

Despite all this, I still cannot connect via FTP with either Active or Passive setting. I am dead in the water until I can get this fixed!

feldon27 · Jan 5, 2015

Under CSF I did a "Quick Allow" with my IP address.

I just restarted pureftpd and here's what it says:

Code:

Waiting for “ftpserver” to restart ………………………………………………………………waiting for “ftpserver” to initialize ………finished.

Service Status:
     pure-ftpd (pure-ftpd (SERVER)) running as root with PID 8945 (process table check method)
     pure-authd (/usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth) running as root with PID 8947 (pidfile check method)

Connection Test:
     Successfully connected to 127.0.0.1:21 and received response: “220”.

Startup Log:
     Starting pure-config.pl: Running: /usr/sbin/pure-ftpd -O clf:/var/log/xferlog --daemonize -A -c50 -B -C8 -D -E -fftp -H -I15 -lextauth:/var/run/ftpd.sock -L2000:8 -m4 -p49152:65534 -s -S21 -U133:022 -u100 -i -Oxferlog:/usr/local/apache/domlogs/ftpxferlog -k99 -Z -Y1 -JHIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
     [  OK  ]
     Starting pure-authd: 

Log Messages:
     Jan  5 11:46:50 firefly pure-ftpd: ([email protected]) [INFO] Logout.
     Jan  5 11:46:50 firefly pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1

ftpserver started successfully.

- - - Updated - - -

WTH? Just did Disable Firewall (Completely disables csf and lfd) and still can't connect. Problem with PureFTPD settings I think.

- - - Updated - - -

I switched from PureFTPD to ProFTP:

FileZilla active:

Code:

Status:	Resolving address of dev.domain.com
Status:	Connecting to 67.23.252.182:21...
Status:	Connection established, waiting for welcome message...
Response:	220 ProFTPD 1.3.5 Server (ProFTPD) [::ffff:67.23.252.182]
Command:	USER deveq2
Response:	331 Password required for domain
Command:	PASS ******
Response:	230 User deveq2 logged in
Status:	Server does not support non-ASCII characters.
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is the current directory
Command:	TYPE I
Response:	200 Type set to I
Command:	PORT 10,130,78,128,242,105
Response:	200 PORT command successful
Command:	MLSD
Error:	Connection timed out
Error:	Failed to retrieve directory listing

FileZilla passive:

Code:

Status:	Resolving address of dev.domain.com
Status:	Connecting to 67.23.252.182:21...
Status:	Connection established, waiting for welcome message...
Response:	220 ProFTPD 1.3.5 Server (ProFTPD) [::ffff:67.23.252.182]
Command:	USER deveq2
Response:	331 Password required for deveq2
Command:	PASS ******
Response:	230 User deveq2 logged in
Status:	Server does not support non-ASCII characters.
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is the current directory
Command:	TYPE I
Response:	200 Type set to I
Command:	PASV
Response:	227 Entering Passive Mode (67,23,252,182,212,14).
Command:	MLSD
Response:	150 Opening BINARY mode data connection for MLSD
Error:	Connection closed by server
Error:	Failed to retrieve directory listing

Uninstalled ProFTP and went back to PureFTP.

Note that in both cases TLS Encryption Support was set to Optional. I tried Disabled with no improvement.

feldon27 · Jan 5, 2015

Well, I had my host look into this and he changed the passive ports to 30000-32000 and restarted both pureFTP and CSF and it magically started working again, whether I connect with Active or Passive. Talk about gremlins!

This thread can be marked RESOLVED I guess.

feldon27 · Jan 5, 2015

This problem is not resolved and keeps reoccurring on an intermittent basis.

Command: MLSD
Response: 150 Connecting to port 5347
Response: 226-Options: -a -l
Response: 226 43 matches total
Error: Connection timed out
Error: Failed to retrieve directory listing

I don't know why it's connecting on a different port when in Active mode.

Directory listings are only part of the problem as individual file transfers will hang as well.

cPanelMichael · Jan 6, 2015

Hello

Are you still able to reproduce the issue when CSF is disabled?

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
V	cPanel filemanager uploads dead slow	File Management	6	Nov 5, 2020
	Frontpage dead server wide	File Management	16	Jun 7, 2004
	proftpd dead but subsys locked	File Management	5	Sep 17, 2003
J	FTP Session Mananger dead?	File Management	8	Jul 22, 2003

Search

Search

Dead in the Water due to FTP Issues

feldon27

Well-Known Member

feldon27

Well-Known Member

feldon27

Well-Known Member

feldon27

Well-Known Member

cPanelMichael

Administrator