Proftpd + ipfw + passive connections via a web browser
Ladislav Kohout
omicron.czech at gmail.com
Tue Jun 2 16:04:46 CEST 2009
Hello,
I would be grateful for any advice on the following problem:
I have a proftpd server set up with the user database in mysql, version 1.3.0_1. In the
firewall (ipfw), exceptions are allowed for ports 20 and 21, so in active mode everything
works fine. BSD version 6.0-RELEASE-p7.
Unfortunately, one of the clients requires access through a web browser. So I set
the following in proftpd:
#Passive
PassivePorts 49152 65534
and added exceptions to ipfw:
add 180 allow tcp from any to any dst-port 49152-65535
add 190 allow tcp from me to any dst-port 49152-65535
(I also tried allow tcp from any to any dst-port 49152-65535)
But even so, with the firewall turned on, the connection to the server through
the web browser is not established.
It asks for authorization and then just keeps loading and loading without any message.
The following is written to the log:
Jun 2 15:50:01 inferno proftpd[56254]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - USER useruser: Login successful.
Jun 2 15:50:01 inferno proftpd[56254]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - Preparing to chroot to directory '/web/olympiccz'
Jun 2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - Passive data transfer failed, possibly due to network issues
Jun 2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - Check your PassivePorts and MasqueradeAddress settings,
Jun 2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - and any router, NAT, and firewall rules in the network path.
Jun 2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - FTP no transfer timeout, disconnected
Jun 2 15:50:47 inferno proftpd[56147]: server.domena.cz(IP.IP.IP.IP[IP.IP.IP.IP]) - FTP session closed.
Thank you in advance for your replies.
--
Ladislav Kohout DiS
mobile: 606 787 923
ICQ: 210-192-640
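
Added example, not part of the original message: a small Python check that the PassivePorts range quoted in the post is fully covered by the inbound ipfw allow rules quoted in it. The function names are hypothetical, and the rule matching is a simplification that ignores ipfw's first-match ordering, earlier deny rules and stateful rules.

```python
import re

# Values copied from the message above.
PROFTPD_CONF = "#Passive\nPassivePorts 49152 65534\n"
IPFW_RULES = (
    "add 180 allow tcp from any to any dst-port 49152-65535\n"
    "add 190 allow tcp from me to any dst-port 49152-65535\n"
)

def passive_range(conf):
    """Return (low, high) from the first uncommented PassivePorts directive."""
    for line in conf.splitlines():
        m = re.match(r"\s*PassivePorts\s+(\d+)\s+(\d+)\s*$", line, re.I)
        if m:
            return int(m.group(1)), int(m.group(2))
    raise ValueError("no PassivePorts directive found")

def inbound_allowed(rules):
    """Port ranges opened to remote clients: 'from any to any|me dst-port ...'.
    Assumption: rules sourced 'from me' are outbound and are skipped."""
    pat = re.compile(
        r"allow\s+tcp\s+from\s+any\s+to\s+(?:any|me)\s+dst-port\s+(\S+)")
    ranges = []
    for line in rules.splitlines():
        m = pat.search(line)
        if m:
            for part in m.group(1).split(","):
                lo, _, hi = part.partition("-")
                ranges.append((int(lo), int(hi or lo)))
    return sorted(ranges)

def uncovered(passive, allowed):
    """Sub-ranges of the passive range that no allow rule covers."""
    gaps, cursor = [], passive[0]
    for lo, hi in sorted(allowed):
        if hi < cursor:
            continue
        if lo > passive[1]:
            break
        if lo > cursor:
            gaps.append((cursor, lo - 1))
        cursor = max(cursor, hi + 1)
    if cursor <= passive[1]:
        gaps.append((cursor, passive[1]))
    return gaps

if __name__ == "__main__":
    gaps = uncovered(passive_range(PROFTPD_CONF), inbound_allowed(IPFW_RULES))
    print("uncovered passive ports:", gaps or "none")
```

For the values quoted in the message it reports no gaps: the whole passive range falls inside the range opened by rule 180.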