i just installed proftpd and every thing seems to work except that i cant access it (same with vsftpd). When i try to connect through IE i get the following:

An error occurred opening that folder on the FTP Server. Make sure you have permission to access that folder.

Details:
200 Type set to A
500 Illegal PORT command
500 LPRT not understood

When i try to connect through a dos prompt it seems to connect but everytime i type ls or dir i get:

unable to build data connection: Connection Refused

this would happen on either FTP servers (proftpd or vsftpd)


n e help...

ok just a little stupid question did you configure both ftp servers after installation ?
if yes you maybe forgot something please post your config and what kind of ftp youre trying to set up i mean an anonymous one or ...?

Sounds like a firewall NATing issue.
What happens when you try to connect locally using localhost?
What is the output of
iptalbes -L -n;
iptables -t nat -L -n;

the same thing happens locally here is my proftpd.conf file

# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName "ProFTPD Default Installation"
ServerType standalone
DefaultServer on

# Port 21 is the standard FTP port.
Port 21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 777

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30

# Set the user and group under which the server will run.
User ftpusra
Group ftp

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files to be overwriteable.
<Directory />
AllowOverwrite on
</Directory>

# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
#<Anonymous ~ftp>
# User ftp
# Group ftp

# We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp

# Limit the maximum number of anonymous logins
#MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>

and here it iptables -L -n:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

and here it iptables -t nat -L -n:
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

thats what my config looks like and it works well so far maybe you should try this one first and if it still doesnt work have a look at your iptables configuration:

ServerType standalone
DefaultServer on
Umask 022
ServerName "KaSpErHaNs FtP sErVeR"
ServerIdent off "Show this instead ?"
ServerAdmin Admin@this.domain.topdomain
IdentLookups off
UseReverseDNS off
Port 21
TimesGMT off
MaxInstances 30
MaxLoginAttempts 3
TimeoutLogin 300
TimeoutNoTransfer 120
TimeoutIdle 120
User nobody
Group nobody
DirFakeUser off nobody
DirFakeGroup off nobody
DefaultTransferMode binary
AllowForeignAddress on
AllowRetrieveRestart on
AllowStoreRestart on
DeleteAbortedStores off
TransferRate RETR 30
TransferRate STOR 40
TransferRate STOU 40
TransferRate APPE 40
SystemLog /var/lib/log/secure
#gp_random_username_length 6
#gp_random_password_length 6
#gp_useradd_root_path /home/ftp
#gp_useradd_upload_path /home/ftp/upload
#gp_html_path /var/lib/www/ftp.html
#gp_welcome_name welcome.msg
<IfModule mod_tls.c>
TLSEngine off
TLSRequired on
TLSVerifyClient off
TLSProtocol TLSv1
TLSLog /var/lib/log/proftpd_tls.log
TLSRSACertificateFile /etc/gproftpd/gproftpd.pem
</IfModule>
<Global>
<Limit LOGIN>
AllowUser test
DenyALL
</Limit>
</Global>
#--End of the main configuration--#

<Anonymous /home/ftp>
User test
Group test
AnonRequirePassword off
MaxClients 3 "The server is full, hosting %m users"
DisplayLogin welcome.msg
DisplayFirstChdir .msg
AllowOverwrite off
<Limit LOGIN>
Allow from all
Deny from all
</Limit>
<Limit ROOT_DIR_ALLOW RETR LIST NLST MDTM SIZE STAT CWD XCWD PWD XPWD CDUP XCUP>
AllowAll
</Limit>
<Limit ROOT_DIR_DENY DELE APPE STOR STOU SITE_CHMOD SITE_CHGRP RNFR RNTO MKD XMKD RMD XRMD>
DenyAll
</Limit>
<Directory /home/ftp/upload/*>
AllowOverwrite on
<Limit UPLOAD_DIR_ALLOW LIST NLST STOR STOU APPE RETR MKD XMKD STAT MDTM PWD XPWD SIZE CWD XCWD CDUP XCUP SITE >
AllowAll
</Limit>
<Limit UPLOAD_DIR_DENY RNFR RNTO DELE RMD XRMD SITE_CHMOD SITE_CHGRP >
DenyAll
</Limit>
</Directory>
</Anonymous>

still same prob... hmm....

I am having a nearly identical problem on my setup. I have proftpd installed on a Mandrake 9.2 system. I am endeavoring to use a port other than 21 so my ISP does not notice, and am not having any luck.

I can use any port I want in the proftpd.conf and connect to the server on my machine, but when my friend tries connecting from a computer outside of my network he gets the same "unable to build data connection" error. I have a router (DLink) and have tried the following configurations...
(Pftp = ProFTPd.conf Port Configuration, RVS = Router Virtual Server Port Configuration)

Pftp = 21, RVS = 21: Outside can connect perfectly
Pftp = 21, RVS = 4085 point to inside port 21: Outside gets unable to build... error
Pftp = 4085, RVS = 4085 point to inside port 4085: Outside gets unable to build... error

Same settings as above with my computer on the dimilitarized zone on the router: Exact same results as above

My computer connected directly to the Cable modem:
Pftp = 21: Outside can connect perfectly
Pftp = 4085: Outside gets unable to build... error

I have tried running the server as "root" and as "ftp" for each of the above settings as well with the same results. I have also tried a few other unassigned ports with no luck.

This sure has me scratching my head, I thought it was the router until I removed the router from the setup. Then I was reading other sites and read about a possible issue with passive(??)

Oh ya, and Apache works just fine either on port 80, or with router virtual server forwarding port 4080 to inside port 80

*stumped*

Turns out that this problem appears to be because proftpd isnt paying any attention to port 20.

hi,

the problem with you is you have not configured any user and group for proftpd to run.

I can see your config file, both the user and group are commented out.

Do this:

a) service vsftpd stop
b) useradd <username>
passwd <passwd>
c) groupadd <groupname>

d) Now edit the "proftpd.conf" file and add the user and group that you created in the above step and uncomment both the line.

e) then: cd /usr/local/sbin/proftpd

f) then do : netstat -nlp

in the result you should be able to see the proftpd line in the output LISTENing on Port 21

Hope this helps.

Regards

Yah i fixed that a while ago but thnx for the post

The problem was i had the user's created on the 'home' partition but for some reason it never auto-mounted so after i mounted it myself it worked fine

thnx for the reply though