PureFTPD / ls, dir > 500 Unknown command.
akede2001_at_yahoo.com
Date: 09/22/05
Date: 21 Sep 2005 23:51:58 -0700
I've recently installed PureFTPD on my server again. I've used it
before in the past and it's been pretty nice in the configuration it
can take. Unfortunately, though, I'm having problems this time around--
and I can't find out why. I've done a lot of troubleshooting, and I
just can't track it down. I've never seen this problem before, and I've
spent a good three or four hours researching it to see if anyone else
has had similar problems. The closest I've gotten to finding a
solution was that a few people forgot to open high-range ports on their
firewall. That's not the problem here, though.
Here is the configuration I've got going:
[root@nether etc]# cat /etc/pure-ftpd/pure-ftpd.conf | grep -Pv '^(#(.*)|$)'
ChrootEveryone yes
BrokenClientsCompatibility no
MaxClientsNumber 50
Daemonize yes
MaxClientsPerIP 8
VerboseLog no
DisplayDotFiles yes
AnonymousOnly no
NoAnonymous yes
SyslogFacility ftp
DontResolve yes
MaxIdleTime 60
PureDB /etc/pure-ftpd/pureftpd.pdb
LimitRecursion 7500 8
AnonymousCanCreateDirs no
MaxLoad 4
PassivePortRange 30000 60000
AntiWarez yes
Bind ,121
UserBandwidth 20
Umask 133:022
MinUID 500
AllowUserFXP no
AllowAnonymousFXP no
ProhibitDotFilesWrite no
ProhibitDotFilesRead no
AutoRename no
AnonymousCantUpload yes
AltLog clf:/var/log/pureftpd.log
MaxDiskUsage 99
CustomerProof yes
TLS 0
UseFtpUsers no
I run it on port 121 (It has issues on 21 as well). I run it on 121 and
close off 21-- it stops/slows down brute force attempts. The firewall
is something I threw together, it utilizes iptables.
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:30000:60000
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:30000:60000
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:121
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:121
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:20
While troubleshooting, I've opened it for UDP as well just so I can
rule out any little possibility then narrow it down later.
[root@nether etc]# uname -a
Linux nether 2.6.12-1.1398_FC4 #1 Fri Jul 15 00:52:32 EDT 2005 i686 athlon i386 GNU/Linux
[root@nether etc]# pure-ftpd -h | grep "pure-ftpd v"
pure-ftpd v1.0.20 [privsep]
I was using 1.0.18 before and having the issue, I've just upgraded to
1.0.2 via yum upgrade.
This is the user in the virtual database I am using (The problem,
though, is with all users).
[root@nether etc]# pure-pw show akede
Login : akede
Password : :)
UID : 500 (akede)
GID : 500 (akede)
Directory : /home/akede
Full name :
Download bandwidth : 0 Kb (unlimited)
Upload bandwidth : 0 Kb (unlimited)
Max files : 0 (unlimited)
Max size : 0 Mb (unlimited)
Ratio : 0:0 (unlimited:unlimited)
Allowed local IPs :
Denied local IPs :
Allowed client IPs : 192.168.1.0/16
Denied client IPs :
Time restrictions : 0000-0000 (unlimited)
Max sim sessions : 0 (unlimited)
[root@nether etc]#
As for the configuration, I have been able to rule out that it is not
the Virtual User configuration. The problem is still there when using
PAM and /etc/passwd authentication. Obviously, this is a configuration
problem as it is isolated and there doesn't seem to be any/many others
having this problem. I am not using selinux, and there is no indication
of any problem at all in the /var/log/pure-ftpd.log or messages.
If anyone has any suggestions or anything, by all means, I'm open to
anything at this point, and will definitely appreciate any input. I've
tried everything I can think of to fix this including using a default
configuration file, or toggling most of the options.
BrokenCompatibility and other settings don't have any effect on the
problem.
Here is some output from an FTP Session:
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 23:35. Server port: 121.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 60 minutes of inactivity.
user akede
331 User akede OK. Password required
pass [hidden]
230-Your bandwidth usage is restricted
230-User akede has group access to: akede
230 OK. Current restricted directory is /
ls
500 Unknown command
dir
500 Unknown command
help
214-The following SITE commands are recognized
ALIAS
CHMOD
IDLE
214 Pure-FTPd - http://pureftpd.org/
get
500 Unknown command
put
500 Unknown command
idle
500 Unknown command
alias
500 Unknown command
chmod
501 SITE CHMOD: Missing argument
pasv
227 Entering Passive Mode (192,168,1,1,143,74)
ls
500 Unknown command
I will continue to investigate. If I find a resolution, I'll be sure to
post it here should anyone encounter this same problem in the future.
Regards,
Michael Martinek
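
An added example, not part of the original post: a small checker run over lines from the session above. It computes the data port from the 227 reply and compares it with the PassivePortRange (30000 to 60000) and firewall rule quoted in the post, and it notes which typed lines are command-line ftp client shorthands rather than RFC 959 protocol verbs. The function names and the shorthand table are assumptions of this example.

```python
import re

# Command-line ftp client shorthands and the RFC 959 verb a client sends for them.
CLIENT_SHORTHAND = {"ls": "LIST or NLST", "dir": "LIST", "get": "RETR", "put": "STOR"}
PASV_RE = re.compile(r"^227 .*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

def parse_pasv(line):
    """Return (ip, port) from a 227 reply, or None if it is not a valid one."""
    m = PASV_RE.match(line)
    n = [int(x) for x in m.groups()] if m else []
    if not n or max(n) > 255:
        return None
    # h1,h2,h3,h4 are the address; the port is p1 * 256 + p2.
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def review(transcript, low, high):
    """Note client shorthands typed as raw commands; check PASV ports against low..high."""
    findings, open_code = [], None
    for line in filter(None, map(str.strip, transcript.splitlines())):
        m = re.match(r"^(\d{3})([ -])", line)
        if open_code:  # inside a multi-line reply until "<code> " closes it
            if m and m.groups() == (open_code, " "):
                open_code = None
        elif m:  # server reply; "<code>-" opens a multi-line reply
            open_code = m.group(1) if m.group(2) == "-" else None
            pasv = parse_pasv(line)
            if pasv:
                state = "inside" if low <= pasv[1] <= high else "outside"
                findings.append(("pasv", pasv[0], pasv[1], state))
        elif line.split()[0].lower() in CLIENT_SHORTHAND:
            word = line.split()[0]
            findings.append(("client", word, CLIENT_SHORTHAND[word.lower()]))
    return findings

# Lines taken from the session in the post (shortened).
SESSION = """\
ls
500 Unknown command
help
214-The following SITE commands are recognized
ALIAS
CHMOD
IDLE
214 Pure-FTPd - http://pureftpd.org/
pasv
227 Entering Passive Mode (192,168,1,1,143,74)
"""

if __name__ == "__main__":
    print(review(SESSION, 30000, 60000))  # PassivePortRange from the post
```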