Jump to content
  • Advertisement

Archived

This topic is now archived and is closed to further replies.

VSFTPD - tweaking things just right

This topic is 5387 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Though this may belong more on a networking forum I''ll post it here like I usually do. VSFTPD or any other FTP client either Linux or not can establish an active or passive connection that after using port 21 for the initial connection, a port 1024-65535 is used for the second data connection for file transfer. My router though only has port 20 and 21 open and I feel a bit reluctant to just open up all ports in that wide range. Are my concerns justified? Is there any other way or will I really need to open it all up in that range? I think after I fix this I shouldn''t have any more freagin problems with.

Share this post


Link to post
Share on other sites
Advertisement
I would be slightly concerned, I had a firewall, so that only FTP, WWW and, SSH were able to go through, and that was fine. Try here for a list of programs that work within that range,as well as many others.

Share this post


Link to post
Share on other sites
Some firewalls are able to detect that the outbound connect is related to the first FTP connection and permit the connection.

I believe IPTABLES support this if you load the ftp module, but its been a while since I ran an non Pix firewall on a daily basis.

Int.

Share this post


Link to post
Share on other sites
quote:
Original post by Interim
Some firewalls are able to detect that the outbound connect is related to the first FTP connection and permit the connection.

I believe IPTABLES support this if you load the ftp module, but its been a while since I ran an non Pix firewall on a daily basis.

Int.


I'll take a look into IPTABLES. I remember someone recommending using that to solve the issue. Of course if all else fails I'll just write php script with http.

EDIT: Though I did open up all high ports to test the system and people still had problems getting through. I made the conf file as open as possible too. I'll just scrap ftp except for my own purposes and just implement a script.

[edited by - nervo on August 20, 2003 1:54:40 AM]

Share this post


Link to post
Share on other sites
Or if you have some other type of firewall between your computer, and the internet, make sure that port forwarding is enabled, and that ports 20 and 21 are forwarded to your computer. I noticed that you said you had a router, and want to make sure that works.

Share this post


Link to post
Share on other sites
quote:
Original post by bastard2k5
Or if you have some other type of firewall between your computer, and the internet, make sure that port forwarding is enabled, and that ports 20 and 21 are forwarded to your computer. I noticed that you said you had a router, and want to make sure that works.


The router I have has not only ports 20 and 21 forwarded right now, but all high ports 1024 and above. Perhaps I need to read up more on detailed networking in order to make it work for everyone sometime in the future. I find it strange that some people get through while many others still don''t.

Share this post


Link to post
Share on other sites
Do you have any sort of maximum connections, or any sort of limits of number of users in your ftp conf file? that could be a reason. Perhaps giving some people above anonymous accounts could ease it.

Share this post


Link to post
Share on other sites
iirc,

one of them (Passive?) fails when your firewall is too restricive. the other (Active?) fails when the user''s firewall is too restrictive.

The real trick is finding out why those people are failing. Ask them to use a real ftp client (not IE) and to send you logs of their session if its still fails.

Share this post


Link to post
Share on other sites

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

Participate in the game development conversation and more when you create an account on GameDev.net!

Sign me up!