No access to ProFTPD from internet (after service update)

  • Hi there.


    I'*ve set up the FTPD according to this thread here: http://phpbb.openmediavault.org/viewtopic.php?f=13&t=3205


    So my setup looks like this:
    - Basic FTPD configuration as stated above
    - FTP service port changed from 21 to some high port through the WebGUI and added a matching port forwarding on the router (FritzBox)
    - FTP service passive range setup in WebGUI and /etc/modprobe.d/options.conf (and edited /etc/modules accordingly)
    - FTP service passive ports forwarded in router
    - Added a <IfModule mod_facts.c> FactsAdvertise off </IfModule> in proftpd.conf to get FileZilla running correctly and use LIST/NLST instead of MLSD/MLST



    It worked flawlessly and I could access it through the internet with Firefox (on Win7 + 8.1), FileZilla 3.7.1.1 (on Win7 + 8.1) and AndFTP (on Android smartphone) or the internal internet browser of a Blackberry smartphone. Even connecting from through internet with FileZilla through a proxy used to work fine.


    After the latest update of ProFTPD (I think to version 1.3.4a-5+deb7u3) I can't access the FTP share anymore from the internet using FileZilla, Firefox or AndFTP. Only the internal Blackberry internet browser still works.


    If I connect via FileZilla I get this debug output (see here the full log with more traces:(


    When trying to connect with Firefox I get a error message like this: 500 Unexpected PASV response.


    AndFTP times out the same way as FileZilla does.


    Stopping and re-enabling the service don't seem to have an impact on the behavior.


    After reading through the FileZilla log I can see it advertises MLST - which looks a bit strange to me as I setup the proftpd.conf not to do so.
    Does an update to the ftpd include changing config files back to "initial" values? Sadly I can't check the config file right now but I will do so if I get back to the machine later today. Also I will reset the user permissions for the share


    My plans for checking later are:
    - See if /etc/modprobe.d/options.conf and /etc/modules still have the correct settings for all ports
    - See if proftpd.conf still holds the FactsAdvertise off setting
    - Reset the user permissions of the FTP share
    - Stop/re-enable the service and try connecting via https://ftptest.net/


    Does any of you have more hints to get the service running normally again?

    OMV 1.19 (OMV-Extras.org 1.34) | BanaNAS | 16GB microSD (using FlashMemory plugin) | 1TB SATA WD Blue Mobile

  • Don't know what happens in upgrade when is done via webui, in cli ask if you want to change the conf file, by the maintainer one.
    Also any change of ftp in omv webui will revert any manual changes to proftpd.conf


    So it could be the that upgrade reverted your changes.


    The upgrade did actually revert the changes I made to proftpd.conf. And it seems it does so everytime you disable / re-enable the FTP service through the GUI. After writing the changes again and issuing a service proftpd restart everything seems to be working. I will check if it works through proxies again tomorrow.


    Thanks for your assistance.

    OMV 1.19 (OMV-Extras.org 1.34) | BanaNAS | 16GB microSD (using FlashMemory plugin) | 1TB SATA WD Blue Mobile

    Einmal editiert, zuletzt von root2 ()

  • Totally normal behaviour in OMV. If you want to alter some default configurations .conf look at the environmental variables that you can change


    http://wiki.openmediavault.org…Environment_Variables/all


    That looks promising, thank you.


    If I got you right, I could possibly change the OMV_PROFTPD_CONFIG=/etc/proftpd/proftpd.conf  to point to another .conf file (let's say /etc/proftpd/my_proftpd.conf) which won't get altered wen I disable/re-enable the service.


    I guess this step might have pros and cons:
    Pro: the changes won't get altered by the settings anymore.
    Con: If a newer version of ProFTPD changes some settings (for security reasons or because of changes in the service) I'll have to look for them manually every time the ProFTPD gets updated.

    OMV 1.19 (OMV-Extras.org 1.34) | BanaNAS | 16GB microSD (using FlashMemory plugin) | 1TB SATA WD Blue Mobile

  • OK, now I think I understood.


    My particular Problem is that I can't access my FTP via e. g. FileZilla because it seems it doesn't work with MLSD/MLST but works with LIST/NLST instead.


    So I added FactsAdvertise off to the proftpd.conf to work around this issue and to force LIST/NLST. After this change I disabled/re-enabled the service via the WebGUI. This reverted the changes I made to proftpd.conf and it started advertising MLSD/MLST again, rendering FileZilla not working.


    I guess a single service proftpd restart via SSH should have been enough to apply the changes I made to the proftpd.conf, though.

    OMV 1.19 (OMV-Extras.org 1.34) | BanaNAS | 16GB microSD (using FlashMemory plugin) | 1TB SATA WD Blue Mobile

  • I just setup a ProFTP server on my rpi 2 and it worked via WAN with a ftp client built in ES File Explorer. No extra options needed.


    I'll test via Filezilla in a bit. Filezilla is working fine for me. Why do you need this module?
    <IfModule mod_facts.c> FactsAdvertise off </IfModule>
    and to use:
    LIST/NLST


    Is this due to a firewall or proxy server? type?


    Funny exchange between the developer and a forum member on Filezilla forums:
    https://forum.filezilla-project.org/viewtopic.php?t=18416

    Status: Connecting to xxxxx.no-ip.xxx:xxxxx through proxy
    Status: Connecting to 192.xxx.xxx.xxx:3128...
    Status: Connection with proxy established, performing handshake...
    Response: Proxy reply: HTTP/1.1 200 Connection Established

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!