Proftpd + ipfw + passive connection via web browser

Ladislav Kohout omicron.czech at gmail.com
Tue Jun 2 16:04:46 CEST 2009


Hello,

  I would be grateful for any advice on the following problem:

I have a proftpd server set up with the user database in MySQL, version
1.3.0_1. In the firewall (ipfw) there are exceptions allowed for ports 20
and 21, so everything works well in active mode. The BSD version is
6.0-RELEASE-p7.

Unfortunately, one of the clients requires access via a web browser. So I
set the following in proftpd:

#Passive
PassivePorts 49152 65534

and added exceptions to ipfw:

add 180 allow tcp from any to any dst-port 49152-65535
add 190 allow tcp from me to any dst-port 49152-65535

(I also tried allow tcp from any to any dst-port 49152-65535)

Even so, with the firewall enabled, the connection to the server via a web
browser is not established.
It asks for authorization and then just keeps loading and loading without
any message.

The following is written to the log:
Jun  2 15:50:01 inferno proftpd[56254]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - USER useruser: Login successful.
Jun  2 15:50:01 inferno proftpd[56254]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - Preparing to chroot to directory '/web/olympiccz'
Jun  2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - Passive data transfer failed, possibly due to network issues
Jun  2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - Check your PassivePorts and MasqueradeAddress settings,
Jun  2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - and any router, NAT, and firewall rules in the network path.
Jun  2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - FTP no transfer timeout, disconnected
Jun  2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - FTP session closed.

Thank you in advance for your replies.

-- 
Ladislav Kohout DiS

mobile: 606 787 923
ICQ: 210-192-640
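
An added example, not part of the original message: a small Python model that evaluates the two ipfw rules and the PassivePorts directive quoted in the post against both directions of one passive data connection. The IP addresses and client source ports are constructed, and the matcher understands only the rule shape shown in the post; the rest of the poster's ruleset is not on the page and is not modelled.

```python
import re

# Rules and directive copied from the post; addresses and ports are constructed.
RULES = """\
add 180 allow tcp from any to any dst-port 49152-65535
add 190 allow tcp from me to any dst-port 49152-65535
"""
PASSIVE_PORTS = "PassivePorts 49152 65534"
SERVER_IP = "192.0.2.10"      # constructed (documentation range)
CLIENT_IP = "198.51.100.20"   # constructed (documentation range)

RULE_RE = re.compile(
    r"add (\d+) allow tcp from (\S+) to (\S+) dst-port (\d+)-(\d+)")

def parse_rules(text):
    """Parse only the simple stateless rule shape shown in the post."""
    rules = []
    for m in RULE_RE.finditer(text):
        num, src, dst, lo, hi = m.groups()
        rules.append((int(num), src, dst, int(lo), int(hi)))
    return sorted(rules)

def addr_matches(spec, ip):
    # 'any' matches every address; 'me' matches the firewall host's own address.
    return spec == "any" or (spec == "me" and ip == SERVER_IP) or spec == ip

def first_match(rules, src_ip, dst_ip, dst_port):
    """Return the number of the first rule matching the packet, else None."""
    for num, src, dst, lo, hi in rules:
        if addr_matches(src, src_ip) and addr_matches(dst, dst_ip) and lo <= dst_port <= hi:
            return num
    return None

def passive_range(directive):
    _, lo, hi = directive.split()
    return int(lo), int(hi)

def check_flow(client_port, server_port):
    """Evaluate both directions of one passive data connection."""
    rules = parse_rules(RULES)
    return {
        "client->server": first_match(rules, CLIENT_IP, SERVER_IP, server_port),
        "server->client": first_match(rules, SERVER_IP, CLIENT_IP, client_port),
    }

if __name__ == "__main__":
    lo, hi = passive_range(PASSIVE_PORTS)
    for cport in (3456, 51000):   # constructed client source ports
        print(cport, check_flow(cport, lo))
```

A result of None means only that neither of the two quoted rules matches that packet; whether another rule in the full ruleset passes it cannot be told from the post.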



More information about the Users-l mailing list