Re: FreeBSD FTP problem
From: Arcadius A. (ahouans_at_sh.cvut.cz)
Date: 07/07/03
- Previous message: Prestele Stefan: "installing 5.1-RELEASE - problem with swap"
- In reply to: Ryan Thompson: "Re: FreeBSD FTP problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Ryan Thompson" <ryan@sasknow.com> Date: Mon, 7 Jul 2003 11:44:58 +0200
Hello!
----- Original Message -----
From: "Ryan Thompson" <ryan@sasknow.com>
To: "Arcadius A." <ahouans@sh.cvut.cz>
Cc: "FreeBSD Questions" <freebsd-questions@freebsd.org>
Sent: Monday, July 07, 2003 6:36 AM
Subject: Re: FreeBSD FTP problem
> Arcadius A. wrote to Ryan Thompson and FreeBSD Questions:
>
> > > > but nothing more.... just the same arror as the one you've
described:
> > > > "... 425 can't build data connection: operation timed out ..." :-(((
> > > >
> > > > Do you have any idea about how to get around this?
> > >
> > > Well, in my case, it turned out to be pilot error... FTP is a tricky
> > > protocol to allow through default-deny firewalls, and I had
simultaneous
> > > bugs in my firewall config *and* FTPd config, with respect to passive
> > > transfers. It took me a while to spot.
> > >
> > > Check your firewall config carefully, and make sure you have a good
> > > understanding of how the FTP protocol works (in active and passive
> > > modes). Completely open your firewall temporarily (i.e., ipfw add 201
> > > allow ip from any to any) and verify that things work there. If things
> > > work there (or fail differently), the problem is with your firewall
(and
> > > possibly FTPd configuration, if you're using the ephemeral port range
> > > for PASV). If your tests fail in *exactly* the same manner as before,
> > > including the same timeout delays, you can ignore your firewall for
the
> > > time being (but leave it open until you get FTP working, and *then*
> > > restrict it, so you're only testing one unknown at a time). Try
running
> > > tcpdump and sockstat on the server to see what's coming and going for
> > > FTP traffic. /ports/net/trafshow might be helpful, too.
> > >
> >
> > Hello!
> > Thanks for the reply!
> > But I'm not running any firewall on my server...
>
> Ahh. So you're *not* having exactly the same problem. :-)
>
> > So, my problem shouldn't be with the firewall on my server...
> >
> > About the configuration of FTPd, I cannot find the config file
> > (ftpd.conf or ftpd.config or ftpd.cf )on my server(FreeBSD4.8 stable,
> > built yesterday).
>
> >From ftpd(8):
> FILES
> /etc/ftpusers List of unwelcome/restricted users.
> /etc/ftpchroot List of normal users who should be chroot'd.
> /etc/ftphosts Virtual hosting configuration file.
> /etc/ftpwelcome Welcome notice.
> /etc/ftpmotd Welcome notice after login.
> /var/run/nologin
> Displayed and access refused.
> /var/log/ftpd Log file for anonymous transfers.
>
> > Note that I'm trying to connect to FreeBSD from a windows
> > workstation.... both the workstation and the FreeBSD server are in
> > the same LAN.... From my Windows box, I can easilly connect via FTP to
> > other Linux sercers in my LAN or even out of the LAN.. But when I
> > connect to my FreeBSD server, it connecs well... but I cannot do
> > anything useful on the server.... I get the error "...425 can't build
> > data connection: operation timed out..."
>
> Try both active and passive modes for transfer. If you really have no
> firewall between the client and the server (remember the entire path
> from application to application is important), and there is no address
> translation going on, you should have no issues either way with the
> stock configurations of Windows and FreeBSD.
>
> If, on the other hand, you're running any sort of packet filter or
> "Personal Firewall" on the Windows machine, or using "Internet
Let me mention that when I was having this problem yesterday, when I ping to
my local Linux gateway, it takes in average time 200ms(but normally, it use
to take <1ms), and I had to go thru that gateway before getting to my
FreeBSD server.
I didn't mention it yesterday because I have to go thru that same gateway
before reaching the Linux boxes I have successfully connected to when I was
having troubles with the BSD box.
Right now, the time to reach the gateway has dropped to its normal value
(<1ms) and the FreeBSD box now works quite fine...
So, the problem with the FreeBSD server was triggered by some anomalies in
our network....
Yes, there is a firewall on that Linux gateway.... but I have no control on
it....
Thank so much for the support.
Arcadius A.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Prestele Stefan: "installing 5.1-RELEASE - problem with swap"
- In reply to: Ryan Thompson: "Re: FreeBSD FTP problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
