vsftpd on fedora - firewall problems (?)

From: Socks (Socks_at_Socks.Invalid)
Date: 02/22/04


Date: Sun, 22 Feb 2004 13:53:25 -0800

i've got three boxes on a kvm. two are fedora linux, and one is windows
xp. i thought i'd set up vsftpd as an easy way to transfer files behind
my linksys router. i thought i set up my hosts.allow and hosts.deny to
allow ftp (and telnet) back in the 192.168.1.xx range, but nowhere else.

i'm the most stuck i've been with linux in a long time.

the problem i've got, is that i can telnet win->linux and linux->linux,
but i can only ftp win->linux. something goes wrong when i try to ftp
from one linux box to another. the log below shows the plight of two
boxes "jerry" and "fred".

basically i get "no route to host" until i put in "passive" and then it
hangs:

[fred@fred fred]$ ftp jerry
Connected to jerry (192.168.1.151).
220 (vsFTPd 1.2.0)
Name (jerry:fred): jerry
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (192,168,1,151,172,93)
ftp: connect: No route to host
ftp> passive
Passive mode off.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
[hangs until control-c]
receive aborted
waiting for remote to finish abort
426 Failure writing network stream.
500 Unknown command.
ftp> quit
221 Goodbye.
[fred@fred fred]$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.151 jerry.invalid jerry
192.168.1.152 fred.invalid fred
                                                                                
[fred@fred fred]$ cat /etc/hosts.allow
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
vsftpd: 192.168.1.
in.telnetd: 192.168.1.
[fred@fred fred]$ cat /etc/hosts.deny
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
ALL: ALL
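
Added example (not part of the original post): a Python sketch that decodes the data-channel endpoints from the FTP session quoted above. A 227 reply carries four address octets followed by the port as a high byte and a low byte, so each `ls` opens a second TCP connection separate from the control connection on port 21; the function names and the embedded sample are constructed here.

```python
import re

# Constructed sample: the data-channel lines of the session quoted in the post.
SESSION = """\
ftp> ls
227 Entering Passive Mode (192,168,1,151,172,93)
ftp: connect: No route to host
ftp> passive
Passive mode off.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
"""

PASV_RE = re.compile(r"^227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

def parse_pasv(line):
    """Decode a 227 reply: four address octets, then port as high,low bytes."""
    m = PASV_RE.match(line.strip())
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in 227 reply: %r" % line)
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def data_channels(transcript):
    """List each data connection: who opens it, to where, and any client error."""
    found = []
    for line in transcript.splitlines():
        line = line.strip()
        endpoint = parse_pasv(line)
        if endpoint:
            # Passive: the client opens a second TCP connection to the server.
            found.append({"mode": "passive", "opened_by": "client",
                          "target": endpoint, "error": None})
        elif line.startswith("200 PORT"):
            # Active: the server connects back to a port the client chose;
            # the ftp client does not print that port, so it stays unknown.
            found.append({"mode": "active", "opened_by": "server",
                          "target": None, "error": None})
        elif line.startswith("ftp: connect:") and found:
            found[-1]["error"] = line.split(":", 2)[2].strip()
    return found

if __name__ == "__main__":
    for ch in data_channels(SESSION):
        print(ch)
```

For the session above, the passive attempt targets 192.168.1.151 port 44125, and the active attempt is a connection opened by jerry back to fred.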


