The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

FTP Backup and APF

Discussion in 'General Discussion' started by rbjb, Jan 6, 2005.

  1. rbjb

    rbjb Member

    Joined:
    Jan 4, 2003
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    I have FTP backup enabled in WHM and it works fine. I am backing up my accounts to a MS Windows 2003 server at another location.

    I just installed APF firewall and it is working fine except the backup does not work anymore. If I turn the firewall off and try it, the backup works fine. Turn it back on and it does not work again.

    I have changed ports until I am about exhausted and still can’t get the backup to work.

    Can anybody help.

    Ray
     
  2. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    How about posting the port configuration of APF so we know what your blocking and allowing ?
     
  3. rbjb

    rbjb Member

    Joined:
    Jan 4, 2003
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Here they are.

    # Common ingress (inbound) TCP ports
    IG_TCP_CPORTS="1,20,21,22,25,53,80,110,111,143,443,465,631,783,953,993,995,2082,2083,2084,2086,2087,2095,2096,3306,6666,7786,3000_3500"

    # Common ingress (inbound) UDP ports
    IG_UDP_CPORTS="53,6277"

    # Common ICMP (inbound) types
    # 'internals/icmp.types' for type definition; 'all' is wildcard for any
    IG_ICMP_TYPES="3,5,11,0,30,8"

    # Common egress (outbound) TCP ports
    EG_TCP_CPORTS="20,21,25,37,53,80,110,113,123,443,43,873,953,2089,2703,3306"

    # Common egress (outbound) UDP ports
    EG_UDP_CPORTS="21,53,873,953,6277"

    # Common ICMP egress (outbound) types
    # 'internals/icmp.types' for type definition; 'all' is wildcard for any
    EG_ICMP_TYPES="all"

    Ray
     
  4. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Do you have this option enabled in WHM ( backup config )?
    Use Passive mode for Ftp transfers (required if you are behind a firewall or ftp backups fail)

    I'd also research what ports would be in use with the backup which you may or may not have to leave open.
     
  5. rbjb

    rbjb Member

    Joined:
    Jan 4, 2003
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    I have tried it both ways still no luck. When we set up the FTP backup to the Windows server neither server had a firewall. I couldn't get the FTP backup to work going to the windows server in the passive mode. When I switched off passive it worked fine.

    Then we added the fire wall to the cpanel centOS server and the backups stopped working. We have tried all combinations of ports open we can think of. With the APF firewall on the backup will not work. Turn off the firewall and it works fine.

    We have the same conf.apf file in two other serves and the FTP backup works backing up between these two servers, both CentOS servers.

    The APF firewall seems to be blocking the transfer to the windows server. Two of us have spent about 5 hours each working on this.

    I believe with the passive backup it uses a ramdom high port to transfer files. With passive turned off I believe it should use ports 20 and 21. Windows only use ports 20 and 21 for ftp. So that is why the passive would not work. The passive still does not work using the firewall.


    Does anyone know where the log files for this cpanel FTP backup are?

    Ray
     
  6. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Try this shell session:

    tail -f /var/log/messages

    And in another, manually try and ftp to the server, perhaps even in verbose mode to see whats happening.
     
  7. dhecker

    dhecker Well-Known Member

    Joined:
    Dec 3, 2003
    Messages:
    50
    Likes Received:
    0
    Trophy Points:
    6
    same

    I'm having the same problem - the backups cannot connect to my ftp server using PORT or PASV mode. It works with ap turned off.

    Was there a solution for this?
     
  8. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
Loading...

Share This Page