The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

issue w/ pureftpd & apf firewall

Discussion in 'General Discussion' started by kahoz, Apr 11, 2004.

  1. kahoz

    kahoz Well-Known Member

    Joined:
    Nov 7, 2003
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Portugal
    hi everyone.

    i am running pureftpd on my server, but looks like he and my firewall (apf) recently are alyways fighting with each other. when apf is running, i can't access any dir via ftp. the log reports:

    CWD /public_html/flash/
    250 OK. Current directory is /public_html/flash
    PWD
    257 "/public_html/flash" is your current location
    TYPE A
    200 TYPE is now ASCII
    PASV
    227 Entering Passive Mode (66,90,73,***,60,204)
    Data Socket Error: Connection timed out
    List Error

    the same would happen if i used proftpd, i already tested it.

    maybe this can help (/etc/apf/conf.apf):

    thanks in advance.
     
  2. eth00

    eth00 Well-Known Member
    PartnerNOC

    Joined:
    Mar 30, 2003
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    NC
    cPanel Access Level:
    Root Administrator
    Did you set the pasv_ports in the pureftp config? I am not sure the exact syntax but I imagine that is your problem.
     
  3. kahoz

    kahoz Well-Known Member

    Joined:
    Nov 7, 2003
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Portugal
    hi.

    i already solved my problem adding the 'passiveports' value to /etc/proftpd.conf. thanks anyway :)
     
  4. damainman

    damainman Well-Known Member

    Joined:
    Nov 13, 2003
    Messages:
    515
    Likes Received:
    0
    Trophy Points:
    16
    you mind explaining what you did in bried detail :)?
     
  5. kahoz

    kahoz Well-Known Member

    Joined:
    Nov 7, 2003
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Portugal
    add this to /etc/proftpd.conf:

    ##### added to make passive transfer work
    # use part of the IANA registered ephemeral port range
    PassivePorts 49152 49161

    then make sure your firewall is not blocking this ports :)
     
  6. eth00

    eth00 Well-Known Member
    PartnerNOC

    Joined:
    Mar 30, 2003
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    NC
    cPanel Access Level:
    Root Administrator
    He is using pureftp not proftp.
     
  7. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    Yes, I believe he meant /etc/pure-ftpd.conf

     
  8. gvard

    gvard Well-Known Member
    PartnerNOC

    Joined:
    Dec 22, 2003
    Messages:
    195
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Athens/GREECE
    cPanel Access Level:
    DataCenter Provider
    Greetings from Greece,

    Can you please tell me in which part of conf.apf you entered this port range? I can't make PASV mode with ProFTPD to work :(
     
  9. kahoz

    kahoz Well-Known Member

    Joined:
    Nov 7, 2003
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Portugal
    try adding the port range to IG_TCP_CPORTS in the apf configuration file.
     
  10. gvard

    gvard Well-Known Member
    PartnerNOC

    Joined:
    Dec 22, 2003
    Messages:
    195
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Athens/GREECE
    cPanel Access Level:
    DataCenter Provider
    Greetings from Greece,

    I have found a temporary workaround. I have to add "PassivePorts" directive to each and every account listed in proftpd.conf. but I can't do that forever. Is there any way to do it permanent? I tried entering it in proftpd.conf before the accounts configuration, with no success.
     
  11. Rooter

    Rooter Well-Known Member

    Joined:
    Apr 23, 2003
    Messages:
    146
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    Root Administrator
  12. Rooter

    Rooter Well-Known Member

    Joined:
    Apr 23, 2003
    Messages:
    146
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    Root Administrator
    For anyone that still has an issue, specifically for Pure-FTPd, try this.

    /etc/pure-ftpd.conf
    # IANA-registered ephemeral port range 49152 65534
    PassivePortRange 49152 50000

    AND

    /etc/sysconfig/pure-ftpd (will most likely have to add these lines)
    # PassivePortRange
    # IANA-registered ephemeral port range 49152 65534
    -p 49152:50000

    Don't forget to restart pure-ftpd when you finish editing the two files. You may also need to edit your firewall to allow the passive port range.

    The port range 49152 through 50000 is what I used, you may change as needed.
     
  13. chican0

    chican0 Well-Known Member

    Joined:
    Mar 26, 2003
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Los Angeles
    Worked for me! Thank you very much!
     
Loading...

Share This Page