ftp trouble (3) - routing?

Robert Slade robert at bathnetworks.com
Sun Nov 21 14:52:37 UTC 2004


I'm still having problems with vsftpd and FC2. The machine running
vsftpd has 2 NICs:

eth0 192.168.0.55	netmask 255.255.255.0
eth1 xxx.xxx.xxx.253 	netmask 255.255.255.248

Where the 192 address is on my internal network and the xxx address is
an external IP.

The routing table is:

Kernel IP routing table
Destination      Gateway          Genmask          Flags Metric Ref   Use Iface
xxx.xxx.xxx.248  0.0.0.0          255.255.255.248  U     0      0     0 eth1
192.168.0.0      0.0.0.0          255.255.255.0    U     0      0     0 eth0
169.254.0.0      0.0.0.0          255.255.0.0      U     0      0     0 eth1
0.0.0.0          xxx.xxx.xxx.250  0.0.0.0          UG    0      0     0 eth1

The xxx.xxx.xxx.248 address is my ISP's gateway and xxx.xxx.xxx.250 is my
router/gateway. The NAT and Firewall are both off on the router/gateway.
The routing table is identical to that of my mail server which works.

The problem is that when I connect to the ftp server via the 192 address
from another machine on the internal network, both passive and active
modes work and I can upload and download files.

Connecting to the external IP address of ftp server from a machine on
the internal network, passive mode works, but active mode hangs:

230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (xxx,xxx,xxx,253,58,83)
150 Here comes the directory listing.
drwx------    3 500      500          4096 Oct 31 17:23 Desktop
drwxr-xr-x    2 500      500          4096 Nov 05 18:29 test
226 Directory send OK.
ftp> passive
Passive mode off.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.

receive aborted
waiting for remote to finish abort
426 Failure writing network stream.
225 No transfer to ABOR.

I get similar results when connecting from an external machine, in this
case it is a Windows XP machine, using FTP then ls at a command window
gives

200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.

and then it hangs, which implies that neither passive nor active mode
works.

I have eliminated the firewall on the FTP server as the problem by
turning off iptables.

As an aside, my local network is behind a firewall (smoothwall) which is
using the external address of xxx.xxx.xxx.251.

I need to be able to use active mode as some of the users can only use
this method. 

Sorry about the length of this post, but I am totally stuck. 

Rob
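
An added example, not part of the original post: the transcripts above differ only in who opens the FTP data connection, so this sketch decodes the `h1,h2,h3,h4,p1,p2` tuple from a `227` reply or a `PORT` command and reports the TCP flow to look for in a packet capture on each side. The addresses (192.0.2.x documentation range, 192.168.0.10) and the `PORT` line are constructed, and the function names are hypothetical; only the `58,83` port bytes come from the session shown.

```python
import re

# h1,h2,h3,h4,p1,p2 tuple shared by PORT commands and 227 replies (RFC 959)
_TUPLE = re.compile(r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)")

def parse_endpoint(text):
    """Return (ip, port) decoded from the first tuple in text, or None."""
    m = _TUPLE.search(text)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None  # not a valid octet/port-byte sequence
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def data_flows(control_lines, client_ip, server_ip):
    """List the data connections negotiated on the control channel.

    client_ip / server_ip are the addresses each side actually sees for
    its peer on the control connection.
    """
    flows = []
    for line in control_lines:
        line = line.strip()
        if line.upper().startswith("PORT "):    # active: server connects out
            mode, initiator, listener = "active", server_ip, client_ip
        elif line.startswith("227 "):           # passive: client connects out
            mode, initiator, listener = "passive", client_ip, server_ip
        else:
            continue
        ep = parse_endpoint(line)
        if ep is None:
            continue
        flows.append({"mode": mode, "syn_from": initiator,
                      "syn_to": ep[0], "port": ep[1],
                      # False when the advertised address is not the one the peer sees
                      "advertised_is_peer_addr": ep[0] == listener})
    return flows

# Constructed control-channel lines (a client run with debug on shows PORT)
SAMPLE = [
    "227 Entering Passive Mode (192,0,2,253,58,83)",
    "PORT 192,168,0,10,195,80",
    "200 PORT command successful. Consider using PASV.",
]

if __name__ == "__main__":
    for flow in data_flows(SAMPLE, client_ip="192.0.2.251", server_ip="192.0.2.253"):
        print(flow)
```
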
 

















 





