For some reason my ftp no longer works. (Ubuntu Raring, kernel
3.14-1-amd64, Sw 4.6.1.2-1)
I can clearly see that Shorewall is blocking passive ftp attempts, but I
don't know what to do about it. Connexion tracking doesn't seem to be
working.
I've gone through http://www.shorewall.net/FTP.html but I see nothing
I'm doing wrong. I do have nf_conntrack_ftp and nf_nat_ftp loaded. In
rules:
ACCEPT $FW net tcp ...,ftp,ftps,... -
$ ftp 192.154.143.???
Connected to
192.154.143.???.
220---------- Welcome to Pure-FTPd [privsep] [TLS]
----------
220-You are user number 8 of 50
allowed.
220-Local time is now 12:05. Server port:
21.
220-This is a private system - No anonymous
login
220-IPv6 connections are also welcome on this
server.
220 You will be disconnected after 15 minutes of
inactivity.
Name (192.154.143.???:geo): delb
331 User delb OK. Password
required
Password:
230 OK. Current restricted directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> debug
Debugging on (debug=1).
ftp> passive
Passive mode on.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (192,154,143,???,41,87)
ftp: connect: Connection refused
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (192,154,143,???,227,234)
ftp: connect: Connection refused
ftp> passive
Passive mode off.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PORT 192,168,1,9,218,2
421 Timeout - try typing a little faster next time
ftp>
huh? That was instant.
------------------------------------------------------------------------------