August 5th, 2012, 09:26 AM
Cannot access my FTP server
I'm having a strange problem with accessing my FTP server. I have a computer on my home network running bftpd on Arch Linux. If I use a command line client to access the site, it works perfectly. However, when I try to use the browser on my Windows box it can't connect. This is really strange because it worked when I first set it up and I haven't changed anything since then.
I know the browser tries to use passive mode, so I have configured it to use any port from 1400-1440. I have forwarded these ports, allowed the connections from the iptables firewall AND my router's firewall and still no luck.
I'd be grateful for any help.
August 5th, 2012, 12:49 PM
So a remote FTP tester says that the connection times out, whether I use my hostname or my IP address. I know for a fact that there are no routing issues because I can access my web server with no problems.
Netstat says that my server is listening on port 21, as it should be.
I can access my site from a command-line client but only using active mode. The server is configured to use ports 40000 to 40040 for passive data connections - I have allowed these ports using iptables and allowed them through my router's firewall.
This is so strange, I had no problems before. Might my ISP be blocking the connections? Or maybe I accidently enabled a firewall that I didn't know about.
August 6th, 2012, 08:35 AM
So I loaded the iptables module ip_conntrack_ftp, still no luck
although I admit I don't know what that actually does
When I connect from my Windows box using the command-line, the connection times out when I issue the DIR command.
When I connect from the same machine, it doesn't matter whether I use the local IP address, the external IP address, localhost or my external hostname, it all works as it should.
So I am thinking this is something to do with the 227 code, because it returns the IP address (but only the internal one which is wrong).
Enabling pasv_promiscuous does nothing, which is just as well as it's a massive security hole.
August 6th, 2012, 08:46 AM
Last edited by pyr0commie; August 6th, 2012 at 08:46 AM.
Reason: double post
August 28th, 2012, 02:08 PM
This has been solved now and I have no idea what I did...