CentOS - Jun 2008 - vsftpd and active mode connections causes FTP session to hang

I've encountered an odd error state that I haven't been able to resolve
yet.  I have a customer that, for what ever reason, wants to use active
mode occasionally for FTP xfers.  What they have noticed, is that after
you switch to active, and issue a command (they do 'ls', I've done
other
things like 'put' and 'get', etc.), the connection hangs.  If
you wait a
bit it returns with a "425 Failed to establish connection".  I've
tried
this on three hosts so far (all CentOS 5) and they all behave the same,
some of which there is effectively no firewall (all traffic is allowed
from my workstation to the host, and no restrictions on exiting
traffic).

All google searches about this behavour thus far have talked about old
versions of vsftpd or using filesystems such as FAT, which don't apply
in all cases.  Any ideas?


--Tim
 ____________________________________________________________ 
/ bureaucracy, n:                                            \
\         A method for transforming energy into solid waste. /
 ------------------------------------------------------------ 
  \
   \   \
        \ /\
        ( )
      .( o ).

On Thu, 2008-06-05 at 11:05 -0700, Timothy Selivanow
wrote:
> Any ideas?
Did you open both ftp and ftp-data ports?

-- 
Ignacio Vazquez-Abrams <ivazqueznet at gmail.com>

PLEASE don't CC me; I'm already subscribed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL:
<http://lists.centos.org/pipermail/centos/attachments/20080605/24c7d069/attachment-0002.sig>

On Thu, 2008-06-05 at 14:23 -0400, Ignacio Vazquez-Abrams
wrote:
> On Thu, 2008-06-05 at 11:05 -0700, Timothy Selivanow wrote:
> > Any ideas?
> 
> Did you open both ftp and ftp-data ports?
Yes.  On some of the hosts, my workstation is just explicitly allowed
through also (I've also tried turning off iptables, just in case).


--Tim
 ______________________________________________________________ 
< I wouldn't be so paranoid if you weren't all out to get me!! >
 -------------------------------------------------------------- 
  \
   \   \
        \ /\
        ( )
      .( o ).

On Thu, Jun 5, 2008 at 2:05 PM, Timothy Selivanow
<timothy.selivanow at virtualxistenz.com> wrote:
> things like 'put' and 'get', etc.), the connection hangs. 
If you wait a
> bit it returns with a "425 Failed to establish connection". 
I've tried
Is the FTP client behind NAT? If it is then active FTP won't work,
since the client will request the server to connect to the internal
IP.

HTH,
Filipe