I am not at home right now. I will do it. Could you tell me what is the exact command with dots. Sorry for asking lots of noob question
Ftp configuration
-
-
The command that i posted before, just run that. Forget about the dots.
Problem is sometimes people don't like to publish the results of the folder because of the contents so they chop the output cutting important information..
-
Code
Alles anzeigen[code]root@omv:/# omv-showkey sharedfolder <sharedfolder> <uuid>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</uuid> <name>xxx</name> <comment>xxx</comment> <mntentref>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</mntentref> <reldirpath>xxx</reldirpath> <privileges> <privilege> <type>user|group</type> <name>xxx</name> <perms>0 = no permission|5 = read and execute|7 = read, write and execute</perms> </privilege> </privileges> </sharedfolder> <sharedfolder> <uuid>ffeb3ce0-bfcd-40f3-851f-7c2ca87ff900</uuid> <name>MainBackup</name> <comment>Genel depolama alanı</comment> <mntentref>2f4aa896-3ec3-432f-acff-2154158e5145</mntentref> <reldirpath>MainBackup/</reldirpath> <privileges> <privilege> <type>user</type> <name>elifbilal</name> <perms>7</perms> </privilege> <privilege> <type>user</type> <name>hakanatmaca</name> <perms>7</perms> </privilege> <privilege> <type>group</type> <name>uskudarresidence</name> <perms>7</perms> </privilege> </privileges> </sharedfolder> <sharedfolder> <uuid>69724d30-c95b-4441-a6bc-7188f9820006</uuid> <name>Time-Machine</name> <comment>time machine backup</comment> <mntentref>c24068a3-205d-4239-ab33-7901c77fd6c4</mntentref> <reldirpath>Time-Machine/</reldirpath> <privileges> <privilege> <type>user</type> <name>hakanatmaca</name> <perms>7</perms> </privilege> </privileges> </sharedfolder> root@omv:/#
[/code]
-
I cannot paste (omv-showkey .mntent) all output here it is too long. is there anything to specify about it. It contains all of module's informations. where to look?
-
I said this command
ls -la 2f4aa896-3ec3-432f-acff-2154158e5145/MainBackup
-
root@omv:/# ls -la 2f4aa896-3ec3-432f-acff-2154158e5145/MainBackup
ls: cannot access 2f4aa896-3ec3-432f-acff-2154158e5145/MainBackup: No such file or directory
root@omv:/#
-
I checked something that uuid codes differ picture added, am i wrong?
-
I made a mistake with the uuid is
ls -la /media/84871d57-4370-4b69-9e99-ad0d2ddbcc45/MainBackup
-
Code
Alles anzeigenroot@omv:/# ls -la /media/84871d57-4370-4b69-9e99-ad0d2ddbcc45/MainBackup total 72 drwxrwsr-x+ 11 root users 4096 Oct 13 16:39 . drwxr-xr-x 5 root root 4096 Oct 13 16:42 .. drwxrwsr-x+ 2 root users 4096 Oct 13 16:43 .AppleDB drwxrwsr-x+ 2 root users 4096 Oct 12 21:08 .AppleDesktop drwxrwsr-x+ 2 root users 4096 Oct 13 00:21 .AppleDouble -rwxrwxr-x 1 root users 21508 Oct 13 16:43 .DS_Store drwxrwsr-x+ 5 root users 4096 Oct 12 23:11 Elif drwxrwsr-x+ 9 root users 4096 Oct 13 16:37 Hakan drwxrwsr-x+ 3 root users 4096 Oct 12 21:10 Levent -rwxrwxr-x 1 root users 1219 Oct 12 21:54 mount.json drwxrwsr-x+ 3 root users 4096 Oct 12 21:08 Network Trash Folder drwxrwsr-x+ 3 root users 4096 Oct 12 21:08 Temporary Items drwxrwsr-x+ 3 root users 4096 Oct 12 21:19 tmp root@omv:/#
-
Don't know what's wrong here. can you see the shared folder when you log in FTP but you cannot upload files ?
you can post here cat /etc/proftpd/proftpd.conf
-
I can see files but cant write you true and addition to that i cant reach via wan.
-
Post the file that i indicated proftpd.conf and also try another ftp client like filezilla or winscp
-
Code
Alles anzeigenroot@omv:/# cat /etc/proftpd/proftpd.conf Include /etc/proftpd/modules.conf LoadModule mod_vroot.c UseIPv6 on ServerName "omv" ServerType standalone DeferWelcome on MultilineRFC2228 on DefaultServer on ShowSymlinks on DisplayChdir .message true ListOptions "-l" MaxInstances 30 DenyFilter \*.*/ AuthPAMConfig proftpd User proftpd Group nogroup Umask 000 000 PersistentPasswd off TimesGMT off AllowOverwrite on AuthOrder mod_auth_pam.c* mod_auth_unix.c DefaultTransferMode ascii #SystemLog /var/log/proftpd/proftpd.log <IfModule mod_facl.c> FACLEngine on </IfModule> <IfModule mod_quotatab.c> QuotaEngine off </IfModule> <IfModule mod_ratio.c> Ratios off </IfModule> <IfModule mod_delay.c> DelayEngine on </IfModule> <IfModule mod_ctrls.c> ControlsEngine on ControlsMaxClients 2 ControlsLog /var/log/proftpd/controls.log ControlsInterval 5 ControlsSocket /var/run/proftpd/proftpd.sock </IfModule> <IfModule mod_ctrls_admin.c> AdminControlsEngine off </IfModule> <IfModule mod_vroot.c> VRootEngine on VRootLog /var/log/proftpd/vroot.log </IfModule> Port 21 TransferLog /var/log/proftpd/xferlog IdentLookups off UseReverseDNS off TimeoutIdle 120 TimeoutNoTransfer 600 TimeoutStalled 600 PassivePorts 21150 21160 AllowRetrieveRestart on AllowStoreRestart on DeleteAbortedStores off <Directory /> HideFiles (welcome.msg) </Directory> <IfModule mod_vroot.c> VRootAlias "/media/84871d57-4370-4b69-9e99-ad0d2ddbcc45/MainBackup" "MainBackup" </IfModule> <Directory /MainBackup> <Limit ALL> AllowUser OR elifbilal,hakanatmaca AllowGroup OR uskudarresidence DenyAll </Limit> <Limit READ DIRS> AllowUser OR elifbilal,hakanatmaca AllowGroup OR uskudarresidence DenyAll </Limit> </Directory> <IfModule mod_auth.c> DefaultRoot /srv/ftp MaxClients 10 MaxLoginAttempts 1 RequireValidShell off # This option is useless because this is handled via the PAM # pam_listfile.so module, so set it to 'off' by default. UseFtpUsers off </ifModule> <IfModule mod_ban.c> BanEngine off BanControlsACLs all allow user root BanLog /var/log/proftpd/ban.log BanMessage Host %a has been banned BanTable /var/run/proftpd/ban.tab </ifModule> DisplayLogin /srv/ftp/welcome.msg <IfModule mod_wrap.c> TCPAccessFiles /etc/hosts.allow /etc/hosts.deny TCPAccessSyslogLevels info warn TCPServiceName ftpd </ifModule> root@omv:/#
-
with filezilla i can write to directory locally but still there is a problem with wan connection.
-
with filezilla i can write to directory locally.
So all this time was a client problem....just curious which was the client?
but still there is a problem with wan connection.
You mention you fix that buying a static ip from your ISP, so you can technically access from outside your network right? you can test this with smartphone using the carrier data.
Now what your asking apparently is connecting in LAN using the WAN ip, that's a function on the router is called nat reflection, nat loopback, etc. Some routers don't even have that have that option.
-
Now let me clear up.
I can log in locally with ftp and read files , with filezilla i can read and write, thanks to you.
But when i try to access with my carrier connection to my wan ip , i can log in my router's web ui; but no connection at all about ftp. It errors about connectiob time failure.
I hope i could explain my situation -
The passive port on your configuration in ftp omv doesn't match your router port forward.
Try that.Also what's the name of the original FTP client you were using?
-
Basically, you cannot use the same instance of FTP server and access it via two different IP addresses. You should have 2 instances of the FTP server, one configured to be used on the LAN and one on the WAN. I'm going to deconstruct the FTP protocol, so that you understand how things work.
Objective: connect to the FTP server from the Internet (WAN IP)
Steps:- get a more or less fixed IP address for the internet connection (either a static IP or a hostname that is updated whenever the IP changes - noip, dyndns etc.)
- configure the router with port forwarding rules for the FTP command port (21) and the FTP transfer ports (a range of ports >1024 and <65535)
- configure the FTP server to use that WAN IP and port range when communicating to clients.
Now for a bit of theory: the FTP command protocol is the one which exchanges messages about source and destination IPs and ports, in order to prepare and establish the TCP connections to transfer the binary data of files. One of the peers is the "active" one, meaning it can open a TCP port in listening state and expect an incoming connection request, while the other peer is the "passive" one and will initiate the connection towards the "active" peer. The connection needs at least one of the peers to be "active", thus reachable through any routers and firewalls, and that's why you do the router configuration to ensure that anyone else, active or passive, can connect to your FTP.
Here's how the communication between the Server (active) and Client (passive) occurs:
Client tells the Server: I want to send/receive a file.
Server responds: Ok, I have opened a socket on IP:port, please connect.
Client connects to specified IP:port and transfers the data.So, as part of the protocol, the FTP server communicates not only the (random) port on which it is listening for connections, but also the IP address to which the client must connect to. For a FTP server configured to be accessed from the Internet through a router, the FTP server will annouce the WAN IP in this message, and never the LAN IP (which would be not routable and the remote client would not be able to connect to it), although the server's machine is operating on a LAN IP itself. It is the configuration of the FTP instance which instructs the FTP server to advertise the WAN IP.
This will work for a client on the Internet: it gets a routable IP address and a port, it will connect to it and end up on a router, the router will forward the connection to the LAN IP where the server is, and the transfer will proceed.
However, a client on the LAN side will also receive a message to connect to the WAN IP and port, instead of being told to use directly the LAN IP. The FTP server can't differentiate between LAN and WAN clients to send different messages, so it always sends the same IP address, as instructed in its configuration.
So what happens then with the LAN client? It attempts to initiate a TCP connection to the routable IP address on the WAN side. The operating system identifies that the desired target is outside the local subnet, so it forwards the connection request to the default gateway - the router. The router performs Network Address Translation on the connection and forwards it to the Internet interface, but the target is actually its own WAN port. The router then identifies that this connection needs to be forwarded back through the Port Forwarding rule to a LAN IP address, and this is where things usually stop. In routers there's commonly a built-in security mechanism to prevent spoofing of source IP addresses in packets received on the WAN port, so that malicious people don't attack internal servers by making the packets appear as being originated from another LAN client.
And this is why the connection from LAN will not work to the same FTP server instance which is otherwise accessible from the Internet.
The solution for this is to have 2 instances of the FTP server running, with 2 separate network configurations: one for LAN clients, configured to work on one port and advertise its LAN IP and its own range of active ports (which don't need to be forwarded in the router), and another instance for WAN clients, configured with another port, advertising the WAN IP and another range of active ports which match the Port Forwarding rules in the router.
Jetzt mitmachen!
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!