Portal Home > Knowledgebase > Articles Database > problem with ftp and apf
problem with ftp and apf
Posted by j0sh78, 11-19-2008, 09:28 AM |
problem with ftp and apf
hi all
i installed apf months ago... all was right until some days ago
after a dist-upgrade (debian) i can't transfer backups via ftp from my server to others
if i connect via shell in ftp and try to transfer files on a remote server all i receive this error
421 Service not available, remote server has closed connection
but if i stop apf all is right...
someone had a similar problem?
|
Posted by hstsupport, 11-19-2008, 10:54 AM |
Check that ports 20,21 are added to IG_TCP_CPORTS and IG_UDP_CPORTS in conf.apf
You can also check if passive/active FTP modes switching changes anything.
__________________
Ivan V, technical support
Landis Holdings, Inc - Power, Speed, Reliability
Reseller, shared, VPS, Dedicated hostinghttp://hostingzoom.com/
|
Posted by j0sh78, 11-19-2008, 11:24 AM |
Quote:
Originally Posted by hstsupport
Check that ports 20,21 are added to IG_TCP_CPORTS and IG_UDP_CPORTS in conf.apf
You can also check if passive/active FTP modes switching changes anything.
yes these ports are just in conf
switching between passive/active mode doesn't fix the problem :-(
|
Posted by david510, 11-19-2008, 11:53 AM |
What does this show from the server shell
telnet localhost 21
__________________
Davidhttp://cliffsupport.com
"Where support matters"
|
Posted by cascoing, 11-19-2008, 12:11 PM |
Can you make sure that FTP is running on the server ? If so, just have a try by restarting it.
ps aux | grep -i ftp
|
Posted by j0sh78, 11-19-2008, 12:30 PM |
Quote:
Originally Posted by david510
What does this show from the server shell
telnet localhost 21
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 ProFTPD 1.3.1 Server (ProFTPD Default Installation) [127.0.0.1]
|
Posted by j0sh78, 11-19-2008, 12:33 PM |
Quote:
Originally Posted by cascoing
Can you make sure that FTP is running on the server ? If so, just have a try by restarting it.
ps aux | grep -i ftp
nobody 403 0.0 0.0 5020 1236 ? Ss 16:30 0:00 proftpd: (accepting connections)
|
Posted by eth00, 11-19-2008, 01:29 PM |
Have you tried just restarting ftp?
What about ftp localhost, does that work?
You can also check /var/log/messages and maybe /var/log/proftpd.log to see if anything useful is listed in the logs.
Sounds like it is probably a configuration problem somewhere.
__________________
John Security and general linux how-to'sTotalServerSolutions - for all your linux server and colocation needs!
|
Posted by amalji, 11-19-2008, 03:37 PM |
Quote:
Originally Posted by j0sh78
hi all
i installed apf months ago... all was right until some days ago
after a dist-upgrade (debian) i can't transfer backups via ftp from my server to others
if i connect via shell in ftp and try to transfer files on a remote server all i receive this error
421 Service not available, remote server has closed connection
but if i stop apf all is right...
someone had a similar problem?
1) Are you intiating the ftp connection from the server where apf is installed to remote servers and then upload the data, or is it the other way round where remote servers connect to ftp installed on your server ( where apf is installed ) and fetch the data ?
2) Do you have the module - ip_conntrack_ftp enabled on the kernel where ftp server is installed?
|
Posted by j0sh78, 11-20-2008, 07:02 AM |
Quote:
Originally Posted by eth00
Have you tried just restarting ftp?
What about ftp localhost, does that work?
You can also check /var/log/messages and maybe /var/log/proftpd.log to see if anything useful is listed in the logs.
Sounds like it is probably a configuration problem somewhere.
i restarted ftp, ftp works on localhost, in the logs i didn't found nothing useful
when i disable apf all works right so i think i've to open some additional port
|
Posted by j0sh78, 11-20-2008, 07:07 AM |
Quote:
Originally Posted by amalji
1) Are you intiating the ftp connection from the server where apf is installed to remote servers and then upload the data, or is it the other way round where remote servers connect to ftp installed on your server ( where apf is installed ) and fetch the data ?
2) Do you have the module - ip_conntrack_ftp enabled on the kernel where ftp server is installed?
1) yes i'm uploading from my server with apf installed to a remote server
2) my server loaded the ip_conntrack module but not the ip_conntrack_ftp
|
Posted by 040Hosting, 11-20-2008, 08:09 AM |
Dont know if you did check this already but make sure you have your ftp daemon setup to accept passive transfers; and make sure that the port-range is setup correctly in APF.
i.e. if you have set up the proftpd to use: PassivePorts 60000 65535
you will need to add these to APF as well to be allowed.
When using firewalls you should use passive ports to avoid clients from having issues; In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server.
|
Add to Favourites Print this Article
Also Read
WorldPay? (Views: 561)