[Lias] vsftpd
Simon Bryan
simon.bryan at olmc.nsw.edu.au
Mon Jul 19 08:36:01 UTC 2004
It was a firewall issue, outbound connections were not allowed from the
network.
On Mon, July 19, 2004 9:08 am, Paul Gear said:
> Ken Yap wrote:
>>>Hi all,
>>>I am trying to setup vsftpd on my RH9 system. I can login OK with a
>>> local
>>>user, anonymous access and all other users are denied OK. However every
>>>attempt to do a ls or dir is met with
>>>
>>>200 PORT command successful.Consider using PASV
>>>425 Failed to establish connection
>>>...
>>
>> http://forums.devshed.com/archive/t-109746
>>
>> Does this page, found using Google, shed any light on your problem? Do
>> you need to enable port 20 and also let port 20 through any firewalls
>> you have? Alternatively use PASV mode, like the server suggests.
>
> You shouldn't have to do that if you run iptables with the FTP
> connection tracking module. I've never needed to add anything more
> than the base port with FTP - the connection tracking takes care of
> the rest.
>
> Here's my vsftpd.conf:
>
> anonymous_enable=YES
> dirmessage_enable=YES
> xferlog_enable=YES
> connect_from_port_20=YES
> xferlog_std_format=YES
> nopriv_user=ftp
> ftpd_banner=Redlands College FTP service. Unauthorised use prohibited.
> pam_service_name=vsftpd
> userlist_enable=YES
> listen=YES
> tcp_wrappers=YES
>
> I think your problem is connect_from_port_20=NO. If you change that,
> it should be allowed through.
>
> Paul
>
> P.S. From a legal perspective, i've heard that the word welcome
> really is not desirable and you probably should just say the name of
> the service and "Unauthorised use prohibited" as shown above.
>
--
Simon Bryan
IT Manager
OLMC Parramatta
More information about the lias
mailing list