Find the answer to your Linux question:
Results 1 to 5 of 5
Hi there! I'm a PhD candidate from Rome, and I'm trying to install an FTP service for my research group. I've some troubles with VSFTPD on SUSE 10.1 x86-64: it ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Sep 2006
    Posts
    3

    vsftp firewall problem


    Hi there!
    I'm a PhD candidate from Rome, and I'm trying to install an FTP service for my research group.
    I've some troubles with VSFTPD on SUSE 10.1 x86-64: it is possible to read the directories from a remote client only if the firewall is shut down.
    This is the vsftpd.conf file:

    write_enable=YES
    dirmessage_enable=YES
    local_enable=YES
    chroot_local_user=YES
    anonymous_enable=no
    anon_world_readable_only=YES
    syslog_enable=YES
    pam_service_name=vsftpd
    ssl_enable=NO

    and this is the firewall configuration:

    Firewall starting
    Start firewall at boot
    Internal zone
    Interfaces
    ASUSTeK CK8S Ethernet Controller / eth-id-00:11:2f:ba:43:2c
    Services, ports and protocols admitted
    SSH
    Ports TCP: 20, 21
    Ports UDP: 20, 21
    Demilitarized zone
    Interfaces
    'any' Currently supported only in external zones.
    Services, ports and protocols admitted
    SSH
    Ports TCP: 20, 21
    Ports UDP: 20, 21
    External zone
    Interfaces
    'any' The not assigned interfaces will be assigned to this zone.
    Services, ports and protocols admitted
    SSH
    Ports TCP: 20, 21
    Ports UDP: 20, 21

    Tanks a lot for your aid, I really need it!

  2. #2
    Just Joined!
    Join Date
    Aug 2006
    Posts
    46
    By no means an expert but it looks like the protocols in your firewall config are insufficient.

    I know this from setting up an ADSL modem router on a windows machine.
    TCP and UDP are needed for a web sever ( http) you need additional ones ( and ports) for ftp.
    I'm not at home at the moment so i can;t check my router config files but thought i'd try and point you in the right direction.

    Good luck.

  3. #3
    Just Joined!
    Join Date
    Sep 2006
    Posts
    3
    Tanks a lot bigfilsing,
    but I had no luck.
    I've tried to use the word "ftp" instead of setting on my own each single port, this should made automatic the ports opening for ftp services. moreover I enabled "ftp" also for the field "protocols ip", I think this is all I can do with the yast2 interface for the firewall.
    This is the new vsftpd.conf:

    Firewall starting
    Start firewall at boot
    Internal zone
    Interfaces
    ASUSTeK CK8S Ethernet Controller / eth-id-00:11:2f:ba:43:2c
    Services, ports and protocols admitted
    SSH
    Ports TCP: ftp
    Ports UDP: ftp
    Protocols IP: ftp
    Demilitarized zone
    Interfaces
    'any' Currently supported only in external zones.
    Services, ports and protocols admitted
    SSH
    Ports TCP: ftp
    Ports UDP: ftp
    Protocols IP: ftp
    External zone
    Interfaces
    'any' The not assigned interfaces will be assigned to this zone.
    Services, ports and protocols admitted
    SSH
    Ports TCP: ftp
    Ports UDP: ftp
    Protocols IP: ftp


  4. #4
    Just Joined!
    Join Date
    Aug 2006
    Posts
    46
    That definately won't work. You have to put port numbers nect to the protocol UDP & TCP
    I'd put port 80 ( as well as 20,21 (where did you get that info from BTW))as most FTP programs i've used default to port 80.

    If i had to guess i'd add ftp like this.
    Services, ports and protocols admitted
    SSH
    Ports TCP: 20, 21
    Ports UDP: 20, 21
    Ports FTP: 80
    Demilitarized zone
    Interfaces
    'any' Currently supported only in external zones.
    Services, ports and protocols admitted
    SSH
    Ports TCP: 20, 21
    Ports UDP: 20, 21
    Ports FTP: 80
    External zone
    Interfaces
    'any' The not assigned interfaces will be assigned to this zone.
    Services, ports and protocols admitted
    SSH
    Ports TCP: 20, 21
    Ports UDP: 20, 21
    Ports FTP: 80

    There's gotta be some info on this somewhere or somebody using the same setup.

    Sorry i can't be more help

    Good luck

  5. #5
    Just Joined!
    Join Date
    Sep 2006
    Posts
    3

    solution

    I installed one more time the system, I avoided to configure the network during the installation. Now everything works with the firewall configuration I tryed when I installed the system for the first time.

    thank you bigfilsing,

    good luck

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •