Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   VSFTPD passive mode is not working (http://www.linux-archive.org/centos/591444-vsftpd-passive-mode-not-working.html)

Fawzy Ibrhim 10-26-2011 11:37 AM
VSFTPD passive mode is not working
 
I have Centos 5.7 64bit; I have installed vsftpd as standalone service and using it for two years now with no problem. Suddenly; only it works with active mode. The passive mode stops working and gives time out. Firewall is disabled and SELinux is set to permissive.

I ran tcpdump and I noticed that only first three packets reached the FTP for passive mode and no more packets on other ports

# lsmod | grep conntrack

ip_conntrack_ftp****** 41361* 1 ip_nat_ftp
ip_conntrack_netbios_ns*** 36033* 0
ip_conntrack********** 91621* 5 ip_nat_ftp,ip_nat,ip_conntrack_ftp,ip_conntrack_ne tbios_ns,xt_state
nfnetlink************* 40457* 2 ip_nat,ip_conntrack

Any suggestion?


Eng. Fawzy Ibrahim
Linux Systems Administrator
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Tru Huynh 10-26-2011 11:48 AM
VSFTPD passive mode is not working
 
On Wed, Oct 26, 2011 at 04:37:37AM -0700, Fawzy Ibrhim wrote:
> I have Centos 5.7 64bit; I have installed vsftpd as standalone service and using it for two years now with no problem. Suddenly; only it works with active mode. The passive mode stops working and gives time out. Firewall is disabled and SELinux is set to permissive.
>
> I ran tcpdump and I noticed that only first three packets reached the FTP for passive mode and no more packets on other ports
>
> # lsmod | grep conntrack
>
> ip_conntrack_ftp****** 41361* 1 ip_nat_ftp
> ip_conntrack_netbios_ns*** 36033* 0
> ip_conntrack********** 91621* 5 ip_nat_ftp,ip_nat,ip_conntrack_ftp,ip_conntrack_ne tbios_ns,xt_state
> nfnetlink************* 40457* 2 ip_nat,ip_conntrack
>
> Any suggestion?
possibly:
https://bugzilla.redhat.com/show_bug.cgi?id=740399

Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Matt Warren 10-26-2011 02:56 PM
VSFTPD passive mode is not working
 
>> Any suggestion?
> possibly:
> https://bugzilla.redhat.com/show_bug.cgi?id=740399
>
I believe I've run into this problem/that bug as well.

As a workaround, I found that adding the following helped.

pasv_enable=YES
pasv_min_port=35000
pasv_max_port=36000
pasv_address=xxx.xxx.xxx.xxx

If you are NAT'ing, however, it will break passive connections from your private network.

Hope that helps,
Matt

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Fawzy Ibrhim 11-06-2011 06:37 PM
VSFTPD passive mode is not working
 
Yes; it was an issue with Linux kernel*2.6.18-274.*.el5.centos.plus ; so I switched back to Linux kernel* 2.6.18-238.19.1.el5.centos.plus and it's working now.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 05:26 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.