Monday, September 6, 2010

IP TABLE MODULE LOAD ISSUE ON OPENVZ

The FTP connection to the server fails with an error like this:

[ajeesh@tech24 ~]$ ftp ftp.yourdomain.com
Connected to ftp.yourdomai.com (IP).
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.

Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode ()
ftp: connect: Connection timed out

Solution:

For pure-ftpd, add the port range 30000:35000 to TCP_IN, add the following line to /etc/pure-ftpd.conf, and then restart pure-ftpd:

PassivePortRange 30000 35000

After that, enter the port range 30000:35000 in /etc/csf/csf.conf on the 'TCP_IN =' line [Allow incoming TCP ports].

This will fix my issue
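
A way to confirm that the two settings agree, as an added example that is not part of the original post: the script reads PassivePortRange from a pure-ftpd.conf and checks that the TCP_IN list in a csf.conf opens every port in that range. The function names and sample configs are constructed for illustration, and the check accepts a range covered by several adjacent TCP_IN entries, which goes slightly beyond the single-entry case above.

```shell
# Added example, not from the original post; function names are hypothetical.
# Print "LOW HIGH" from the active PassivePortRange line of a pure-ftpd.conf.
passive_range() {
    awk '$1 == "PassivePortRange" && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ { print $2, $3; exit }' "$1"
}

# Succeed if TCP_IN in a csf.conf covers every port LOW..HIGH;
# otherwise print the first uncovered port and fail.
tcp_in_covers() {
    awk -v low="$2" -v high="$3" '
        /^[ \t]*TCP_IN[ \t]*=/ {
            line = $0
            sub(/^[^=]*=/, "", line)     # drop the "TCP_IN =" prefix
            gsub(/[" \t]/, "", line)     # drop quotes and blanks
            n = split(line, item, ",")
            for (i = 1; i <= n; i++) {   # entries are PORT or LOW:HIGH
                m = split(item[i], p, ":")
                lo[i] = p[1] + 0
                hi[i] = (m == 2 ? p[2] : p[1]) + 0
            }
        }
        END {
            need = low + 0; moved = 1
            while (need <= high + 0 && moved) {   # walk the union of entries
                moved = 0
                for (i = 1; i <= n; i++)
                    if (lo[i] <= need && need <= hi[i]) { need = hi[i] + 1; moved = 1 }
            }
            if (need <= high + 0) { print need; exit 1 }
        }' "$1"
}

demo() {
    dir=$(mktemp -d)
    # Constructed sample configs, not taken from a real server.
    printf 'PassivePortRange 30000 35000\n' > "$dir/pure-ftpd.conf"
    printf 'TCP_IN = "20,21,22,80,443"\n' > "$dir/csf-before.conf"
    printf 'TCP_IN = "20,21,22,80,443,30000:35000"\n' > "$dir/csf-after.conf"
    range=$(passive_range "$dir/pure-ftpd.conf")
    for f in csf-before.conf csf-after.conf; do
        if gap=$(tcp_in_covers "$dir/$f" "${range% *}" "${range#* }"); then
            echo "$f: passive range $range is open"
        else
            echo "$f: port $gap missing from TCP_IN, PASV data connections will time out"
        fi
    done
    rm -rf "$dir"
}
demo
```

On a real server, point the two functions at /etc/pure-ftpd.conf and /etc/csf/csf.conf instead of the sample files.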

Related issue also fixed
*WARNING* Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module is currently broken you have to open a PASV port hole in iptables for incoming FTP connections to work correctly. See the csf readme.txt under 'A note about FTP Connection Issues' on how to do this if you have not already done so.

csftest.pl
Testing ipt_recent...FAILED [Error: iptables: Unknown error 18446744073709551615] - Required for PORTFLOOD feature


=====================
To enable passive-mode FTP with the pf firewall and the Pure-FTPd server:
1. First, check the PassivePortRange setting in the Pure-FTPd configuration. Suppose it is 30001 32000.
2. Open your pf configuration file /etc/pf.conf and add the following rule (the >< operator excludes its endpoints, so this matches ports 30001 through 32000):
pass in on $ext_if proto tcp from any to any port 30000 >< 32001 keep state
3. Test the firewall for 40 seconds: ipf -Fa -f /etc/ipf.rules;sleep 40;ipf -Fa
4. If step 3 is OK, reload your pf firewall: ipf -Fa -f /etc/ipf.rules
=======================
