- 10-24-2007 #1Linux Newbie
- Join Date
- Feb 2006
- Location
- Slovenia
- Posts
- 162
FTP doesn't work through firewall?!
Hi guys. I installed vsftpd server and it works ok until I turn the firewall on. I have SUSE 10.2. I guess there must be some magic port that needs to be open besides 20 and 21. Does anyone know which one, or is there any setting in vsftpd.conf that needs to be changed? Here is my vsftpd.conf:
anonymous_enable=NO
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_umask=022
anon_upload_enable=YES
#anon_world_readable_only=YES
chroot_local_user=YES
dirmessage_enable=YES
download_enable=YES
ftpd_banner=Welcome to S_ FTP server.
guest_enable=YES
guest_username=virtual
listen=YES
local_enable=YES
one_process_model=NO
pam_service_name=vsftpd
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
write_enable=YES
#local_umask=022
connect_from_port_20=YES
#listen_port=2121
pasv_enable=YES
pam_service_name=vsftpd
and these are the opened ports in my firewall:
tcp:137 138 20:22 4 42826 43118 43119 4662 5
udp:139 20:21 4 42826 43118 43119 445 4662 5
under allowed services I added:
DNS Server
IPsec
NFS Client
NFS Server
SSH
TFT Server
Thanx for your help guys.
- 10-25-2007 #2
Best thing to do is turn on the firewall and set it to log everything. Then make a few tests with the ftp server and see what gets posted into the log file. This will help you find what might be causing the issue on the firewall and what port(s) your ftp server is trying to use.
- 10-26-2007 #3Linux Newbie
Thanx Lazydog, can you please tell me how to turn firewall logging on and where the firewall log file is located on disk? Thanx again
- 10-27-2007 #4
For iptables do something like this;
In the INPUT chain add the following;
Code:
iptables -A INPUT -j LOG --log-prefix "[FIREWALL-INPUT] : " --log-tcp-options --log-ip-options
In the OUTPUT chain add the following;
Code:
iptables -A OUTPUT -j LOG --log-prefix "[FIREWALL-OUTPUT] : " --log-tcp-options --log-ip-options
This will log everything. You should see the logging in /var/log/messages
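Once the LOG rules are in place and a test transfer has been made, the log can be reduced to the ports clients actually tried to open. The following is an added example, not part of the original posts: it counts new inbound TCP connection attempts (a SYN without ACK) per destination port in lines carrying the "[FIREWALL-INPUT] : " prefix. The function names, host name, addresses and ports in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Counts new inbound TCP connection
# attempts (SYN without ACK) per destination port in lines written by the
# "[FIREWALL-INPUT] : " LOG rule above.
summarize_input_ports() {
    awk '
        index($0, "[FIREWALL-INPUT] : ") == 0 { next }  # skip other log lines
        {
            proto = ""; dpt = ""; syn = 0; ack = 0
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^PROTO=/)    proto = substr($i, 7)
                else if ($i ~ /^DPT=/) dpt = substr($i, 5)
                else if ($i == "SYN")  syn = 1
                else if ($i == "ACK")  ack = 1
            }
            # A bare SYN is a client opening a connection to port dpt.
            if (proto == "TCP" && syn && !ack && dpt != "") count[dpt]++
        }
        END { for (p in count) print count[p], "tcp/" p }
    ' "$1" | sort -t/ -k2 -n
}

# Constructed sample lines (addresses, ports and host name are made up).
write_sample_log() {
    cat > "$1" <<'EOF'
Oct 27 10:15:01 ftphost kernel: [FIREWALL-INPUT] : IN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.10 LEN=60 TTL=64 ID=1 DF PROTO=TCP SPT=40112 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
Oct 27 10:15:01 ftphost kernel: [FIREWALL-OUTPUT] : IN= OUT=eth0 SRC=192.0.2.10 DST=192.0.2.50 LEN=60 TTL=64 ID=0 DF PROTO=TCP SPT=21 DPT=40112 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Oct 27 10:15:02 ftphost kernel: [FIREWALL-INPUT] : IN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.10 LEN=52 TTL=64 ID=2 DF PROTO=TCP SPT=40112 DPT=21 WINDOW=5840 RES=0x00 ACK URGP=0
Oct 27 10:15:09 ftphost kernel: [FIREWALL-INPUT] : IN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.10 LEN=60 TTL=64 ID=3 DF PROTO=TCP SPT=40113 DPT=51234 WINDOW=5840 RES=0x00 SYN URGP=0
Oct 27 10:15:12 ftphost kernel: [FIREWALL-INPUT] : IN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.10 LEN=60 TTL=64 ID=4 DF PROTO=TCP SPT=40113 DPT=51234 WINDOW=5840 RES=0x00 SYN URGP=0
Oct 27 10:16:00 ftphost kernel: [FIREWALL-INPUT] : IN=eth0 OUT= SRC=192.0.2.51 DST=192.0.2.10 LEN=60 TTL=64 ID=5 DF PROTO=TCP SPT=40200 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
EOF
}

log=$(mktemp)
write_sample_log "$log"
summarize_input_ports "$log"   # prints "2 tcp/21" then "2 tcp/51234"
rm -f "$log"
```

On the server, call summarize_input_ports with the path of the file the kernel log messages are written to. A port that keeps receiving repeated SYNs from the same client and is not in the firewall's allowed list is the one the transfer is waiting on.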
- 10-29-2007 #5Linux Newbie
Thanx Lazydog, I'll give it a try
- 10-29-2007 #6


