Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Protftpd - problem z MLSD
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

 
Reply to topic    Gentoo Forums Forum Index Polskie forum (Polish)
View previous topic :: View next topic  
Author Message
najkon
n00b
n00b


Joined: 14 Aug 2016
Posts: 13

PostPosted: Sat Jul 08, 2017 6:41 pm    Post subject: Protftpd - problem z MLSD Reply with quote

Witam,

Wydaje się niby to takie proste, zainstalować serwer ftp wybierając Proftpd z podstawową konfiguracją.
Niestety wszystkie połączenia stają mi na próbie dogadania po MLSD a później po PASV

może ktoś pomóc go ugryźć, aby zaczął działać jak należy? :(

mój konfig

Quote:

### /etc/proftpd/proftpd.conf

ServerName "ProFTPD Server"
ServerType standalone
DefaultServer on
MultilineRFC2228 on
RequireValidShell off
AuthPAM off
AuthPAMConfig ftp
UseIPv6 on
UseReverseDNS off

PassivePorts 57000 58000

# Listen on the standard FTP port 21.
Port 21

# New directories and files should not be group or world writable.
Umask 022

# To prevent DoS attacks set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once simply increase this value.
MaxInstances 30

# The server will run under ftp/ftp.
User ftp
Group ftp

# Every FTP sessions is "jailed" into the user's home directory.
DefaultRoot ~ !ftp-special

# Generally files are overwritable.
AllowOverwrite on

# Disallow the use of the SITE CHMOD command.
<Limit SITE_CHMOD>
DenyAll
</Limit>

TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log

<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>

<IfModule mod_facts.c>
FactsAdvertise off
</IfModule>



wersja : ProFTPD Version 1.3.5e

załadowane moduły
Quote:

/usr/sbin/proftpd -l
Compiled-in modules:
mod_core.c
mod_xfer.c
mod_rlimit.c
mod_auth_unix.c
mod_auth.c
mod_ls.c
mod_log.c
mod_site.c
mod_delay.c
mod_facts.c
mod_dso.c
mod_auth_pam.c
mod_facl.c
mod_case.c
mod_sql.c
mod_sql_passwd.c
mod_sql_mysql.c
mod_sftp.c
mod_sftp_pam.c
mod_sftp_sql.c
mod_tls.c
mod_tls_shmcache.c
mod_wrap2.c
mod_wrap2_file.c
mod_wrap2_sql.c
mod_cap.c
mod_lang.c


emerge proftpd -pv
Quote:

[ebuild R ] net-ftp/proftpd-1.3.5e::gentoo USE="acl caps case dso ipv6 mysql ncurses nls pam pcre sftp ssl tcpd -authfile -ban -clamav -copy -ctrls -deflate -diskuse -doc -dynmasq -exec -ident -ifsession -ifversion -kerberos -ldap (-libressl) -log_forensic -memcache -msg -postgres -qos -radius -ratio -readme -rewrite (-selinux) -shaper -sitemisc -snmp -softquota -sqlite {-test} -trace -unique_id -vroot -xinetd" LINGUAS="-bg_BG -en_US -fr_FR -it_IT -ja_JP -ko_KR -ru_RU -zh_CN -zh_TW" 0 KiB


reguły iptables
Quote:

-A INPUT -p tcp -m multiport --dports 57000:58000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
Back to top
View user's profile Send private message
Jacekalex
Guru
Guru


Joined: 17 Sep 2009
Posts: 532

PostPosted: Mon Jul 10, 2017 10:50 pm    Post subject: Reply with quote

Próbowałeś zamiast tej reguły:
Code:
-A INPUT -p tcp -m multiport --dports 57000:58000 -j ACCEPT


użyć .nf_conntrack_helper

https://unix.stackexchange.com/questions/93554/iptables-to-allow-incoming-ftp
Back to top
View user's profile Send private message
najkon
n00b
n00b


Joined: 14 Aug 2016
Posts: 13

PostPosted: Tue Jul 11, 2017 4:29 pm    Post subject: Reply with quote

Jacekalex wrote:
Próbowałeś zamiast tej reguły:
Code:
-A INPUT -p tcp -m multiport --dports 57000:58000 -j ACCEPT


użyć .nf_conntrack_helper

https://unix.stackexchange.com/questions/93554/iptables-to-allow-incoming-ftp


Cenna uwaga, nie mniej to nie rozwiązuje problemu.
Dlaczego w domyślnej konfiguracji ten ciołek (proftpd) nie rozmawia po MLSD, PASV
Back to top
View user's profile Send private message
najkon
n00b
n00b


Joined: 14 Aug 2016
Posts: 13

PostPosted: Mon Jul 17, 2017 9:41 am    Post subject: Reply with quote

Rozwiązanie problemu na anglojęzycznej części forum -> https://forums.gentoo.org/viewtopic-p-8089132.html#8089132 :)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Polskie forum (Polish) All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum