FTP uses wrong passive port range when using masquerading

  • Hi,
    I've problems using Masquerading and the passive FTP port range.
    System is the newest Version OMV, ProFTPD 1.3.4a

    Masquerading is set to on with an update intervall of 300s. Portrange is set to 192,0 till 192,50 (49152-49202) but FTP doesn't use this port range for passive connections.
    Using it in implicit TLS connections it works well and uses that range for file transfer.

    If I'm turning of masquerading it uses the right ports without encryption and everything works well except TLS connections because of using the internal IP-Address.
    Is there any fix for this issue?



    #with TLS

    220 ProFTPD 1.3.4a Server () [x,x,x,x]
    234 AUTH TLS successful
    PBSZ 0
    200 PBSZ 0 successful
    227 Entering Passive Mode (x,x,x,x,192,39).
    250 CWD command successful
    227 Entering Passive Mode (x,x,x,x,192,30).
    221 Goodbye.

    #without TLS

    220 ProFTPD 1.3.4a Server () [x,x,x,x]
    227 Entering Passive Mode (x,x,x,x,239,20).

  • I do not have that issue nor am I able to reproduce it.

    Can you give the output of the following command:

    cat /etc/proftpd/proftpd.conf | grep PassivePorts

    If it does not output anything, you can try to force the regeneration of proftpd.conf file with the following command:

    omv-mkconf proftpd

    If you have checked the Passive FTP 'Use the following port range' flag, it should add the following line in the proftpd.conf file:

    PassivePorts 49152 49202
  • Thanks for your answer. I've already checked the config file. Everything seems to be set correct. Passive port range is set to the specified range.
    Indeed, if masquerading is turned on, only encrypted connections use the specified range not passive connections without encryption. Perhaps a bug in proftpd.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!