Portal Home > Knowledgebase > Articles Database > problem with ftp and apf


problem with ftp and apf




Posted by j0sh78, 11-19-2008, 09:28 AM
problem with ftp and apf hi all i installed apf months ago... all was right until some days ago after a dist-upgrade (debian) i can't transfer backups via ftp from my server to others if i connect via shell in ftp and try to transfer files on a remote server all i receive this error 421 Service not available, remote server has closed connection but if i stop apf all is right... someone had a similar problem?

Posted by hstsupport, 11-19-2008, 10:54 AM
Check that ports 20,21 are added to IG_TCP_CPORTS and IG_UDP_CPORTS in conf.apf You can also check if passive/active FTP modes switching changes anything. __________________ Ivan V, technical support Landis Holdings, Inc - Power, Speed, Reliability Reseller, shared, VPS, Dedicated hostinghttp://hostingzoom.com/

Posted by j0sh78, 11-19-2008, 11:24 AM
Quote: Originally Posted by hstsupport Check that ports 20,21 are added to IG_TCP_CPORTS and IG_UDP_CPORTS in conf.apf You can also check if passive/active FTP modes switching changes anything. yes these ports are just in conf switching between passive/active mode doesn't fix the problem :-(

Posted by david510, 11-19-2008, 11:53 AM
What does this show from the server shell telnet localhost 21 __________________ Davidhttp://cliffsupport.com "Where support matters"

Posted by cascoing, 11-19-2008, 12:11 PM
Can you make sure that FTP is running on the server ? If so, just have a try by restarting it. ps aux | grep -i ftp

Posted by j0sh78, 11-19-2008, 12:30 PM
Quote: Originally Posted by david510 What does this show from the server shell telnet localhost 21 Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'. 220 ProFTPD 1.3.1 Server (ProFTPD Default Installation) [127.0.0.1]

Posted by j0sh78, 11-19-2008, 12:33 PM
Quote: Originally Posted by cascoing Can you make sure that FTP is running on the server ? If so, just have a try by restarting it. ps aux | grep -i ftp nobody 403 0.0 0.0 5020 1236 ? Ss 16:30 0:00 proftpd: (accepting connections)

Posted by eth00, 11-19-2008, 01:29 PM
Have you tried just restarting ftp? What about ftp localhost, does that work? You can also check /var/log/messages and maybe /var/log/proftpd.log to see if anything useful is listed in the logs. Sounds like it is probably a configuration problem somewhere. __________________ John Security and general linux how-to'sTotalServerSolutions - for all your linux server and colocation needs!

Posted by amalji, 11-19-2008, 03:37 PM
Quote: Originally Posted by j0sh78 hi all i installed apf months ago... all was right until some days ago after a dist-upgrade (debian) i can't transfer backups via ftp from my server to others if i connect via shell in ftp and try to transfer files on a remote server all i receive this error 421 Service not available, remote server has closed connection but if i stop apf all is right... someone had a similar problem? 1) Are you intiating the ftp connection from the server where apf is installed to remote servers and then upload the data, or is it the other way round where remote servers connect to ftp installed on your server ( where apf is installed ) and fetch the data ? 2) Do you have the module - ip_conntrack_ftp enabled on the kernel where ftp server is installed?

Posted by j0sh78, 11-20-2008, 07:02 AM
Quote: Originally Posted by eth00 Have you tried just restarting ftp? What about ftp localhost, does that work? You can also check /var/log/messages and maybe /var/log/proftpd.log to see if anything useful is listed in the logs. Sounds like it is probably a configuration problem somewhere. i restarted ftp, ftp works on localhost, in the logs i didn't found nothing useful when i disable apf all works right so i think i've to open some additional port

Posted by j0sh78, 11-20-2008, 07:07 AM
Quote: Originally Posted by amalji 1) Are you intiating the ftp connection from the server where apf is installed to remote servers and then upload the data, or is it the other way round where remote servers connect to ftp installed on your server ( where apf is installed ) and fetch the data ? 2) Do you have the module - ip_conntrack_ftp enabled on the kernel where ftp server is installed? 1) yes i'm uploading from my server with apf installed to a remote server 2) my server loaded the ip_conntrack module but not the ip_conntrack_ftp

Posted by 040Hosting, 11-20-2008, 08:09 AM
Dont know if you did check this already but make sure you have your ftp daemon setup to accept passive transfers; and make sure that the port-range is setup correctly in APF. i.e. if you have set up the proftpd to use: PassivePorts 60000 65535 you will need to add these to APF as well to be allowed. When using firewalls you should use passive ports to avoid clients from having issues; In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server.



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
WorldPay? (Views: 561)