Ftpd And Iptables Rules
May 18, 2008
my server have problem with login to ftp
i ask of cpanel,cpanel answer :
Howdy,
Are you using any kind of external firewalling? I have enabled the passive
ports in pure-ftpd and attempted to connect in passive mode, but it still
fails.
and
Howdy,
You should allow connections on 30000 through 50000 for passive ftp
---
this is vps
how may i solved it?
i use of csf
View 6 Replies
ADVERTISEMENT
Jul 2, 2009
One of my low knowledge area's is Iptables Rule's I just normally use APF/CSF.
However on a VPS Host node, I basically want to block all access to a certain port let's say 1234 apart from a certain IP address.
However I don't want to block this port on any of the VPS's on the Node, so what Iptable Rule(s) would I need to put into a bash script on startup.
View 7 Replies
View Related
May 15, 2007
I had csf firewall installed, and due to my own stupidity, attempted to login with the wrong password one too many times, which added my IP to iptables, locking me out. I had to SSH into a linux box at school, and then ssh into my server to stop the iptables service so I could get into my server.
I removed every trace of my IP that I could find in csf, but sometime in the middle of the night, iptables reloads some rules from somewhere that blocks me again. I also tried doing iptables -F to clear all rules, but again, sometime in the middle of the night, rules are reloaded and I get blocked. I even uninstalled csf to no avail. I just want to remove my IP once and for all.
View 11 Replies
View Related
Jul 19, 2008
I use APF and APF is working with iptables , when I define a large number of IPs in deny_hosts.rules or allow_hosts.rules and restart the APF , iptables begins to display errors after applying some number of rules , I have set SET_TRIM="0" in APF , so the number of APF rules is unlimited and the error is from iptables.
Is there any setting in iptables config files for maximum number of rules?
Is it unlimited and depends only on system available memory? O/S , ...?
View 2 Replies
View Related
Jul 1, 2009
I have a VPS (Virtuozzo) with cPanel installed. I notice that iptables running in the VPS had many DROP rules when I listed using iptables -nL command. So I flushed iptabled using "iptables -F" command and also "> /etc/sysconfig/iptables" command and restarted iptabled. When I try to list the rules it would show empty. However when I try to list after a few minutes it is showing the same old rules with many DROP rules yet again! Is there anyway to remove the rules completely?
View 2 Replies
View Related
May 6, 2009
If I buy a web server (Linux), Do I need to use iptables and create some security rules?
What types of rules?
Is it suggest use modsecurity for Apache?
If I host 2 sites (2 wordpress blog), what are better rules?
View 14 Replies
View Related
Oct 4, 2007
One of these rules is causing name server lookups to fail, but I can't seem to figure out which one, can anyone spot the problem?
Code:
[root@example ~]# iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
INVDROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:953
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10023
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:953
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state NEW icmp type 8
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65535 dpt:53
LOGDROPIN all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
INVDROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:953
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10023
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:113
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:953
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state NEW icmp type 8
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65535 dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1024:65535
LOGDROPOUT all -- 0.0.0.0/0 0.0.0.0/0
Chain INVDROP (18 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPIN (1 references)
target prot opt source destination
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:113
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:513
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:520
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPOUT (1 references)
target prot opt source destination
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_OUT Blocked* '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_OUT Blocked* '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_OUT Blocked* '
DROP all -- 0.0.0.0/0 0.0.0.0/0
View 3 Replies
View Related
Nov 9, 2008
I have cPanel running on a server which was working until it magically stopped allowing FTP logins via Pure-FTPD. It won't even allow Pure-FTPD to be started up. It gives the following error:
Starting pure-config.pl: Running: /usr/local/sbin/pure-ftpd -O clf:/var/log/xferlog --daemonize -A -c50 -B -C8 -D -E -fftp -H -I15 -lextauth
:/var/run/ftpd.sock -L2000:8 -m4 -s -U133:022 -u100 -Oxferlog:/usr/local/apache/domlogs/ftpxferlog -k99 -Z -Y1
/usr/local/sbin/pure-ftpd: invalid option -- O
421 Unknown authentication method: extauth:/var/run/ftpd.sock
[FAILED]
I've tried upgrading cPanel, downgrading cPanel, forcing a reinstall, swapping to Pro-FTPD (doesn't allow login either) and back, but nothing seems to repair it.
Does anyone else have any ideas or experienced a similar issue?
View 1 Replies
View Related
Jan 5, 2008
I execute the following commands, in the following order:
iptables --flush
iptables --zero
iptables -A INPUT -s 218.65.12.161 -j DROP
will that last command successfully ban that IP until reboot?
If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.
View 2 Replies
View Related
Oct 24, 2009
I am not 100% sure if i am going to be able to describe the problem, but i hope someone will get an idea what i am talking about.
I have pure-ftpd installed on my server.
In one of the folders in my public_html i have more then 10 000 files.
When i ftp to my username using FlashFXP i am unable to list more then 1998 files.
Does it have to do anything with passive ports range or?
what port range should i use, and how should i enter it in /etc/sysconfig/iptables.
View 5 Replies
View Related
Jun 13, 2009
Daily I get ftpd failed , and it didn't auto restart unless I do force ftpd threw shell
Code:
/scripts/ftpup --force
Server with 2 GB , and only one website contains.
View 14 Replies
View Related
May 16, 2009
i tried everything i know and reinstalled my vps more than 5 times for the last 24hrs but i'm out of luck. Pure-ftpd would not start what ever i do.
Also lxadmin installation gives me the following error:
Downloading Installappdata
pure-ftpd: unrecognized service
unlink: cannot unlink `/usr/bin/lxsuexec': No such file or directory
unlink: cannot unlink `/usr/bin/lxexec': No such file or directory
mv: cannot stat `/sbin/udevd': No such file or directory
rm: cannot remove `/dev/pts/0': Operation not permitted
View 5 Replies
View Related
Feb 22, 2008
I've run a pure-ftpd-server privetley and haven't bothered to chroot the enviroment since I only used it myself when I needed files remotley. Now on request of my school and work buddies I've started hosting a website which they are to manage and through my ftp-server add / remove the site's different files.
I know how to start it with chrooted enviroment but everytime I reboot it, which I usually don't need to anyway, it starts unchrooted so I manually have to kill the ftp-daemon and start it with my customised parameters.
Is there a way to change the init.d/pure-ftpd-conf or something to start with my customised options? i.e with the chroot-option turned on.
View 1 Replies
View Related
Apr 15, 2008
I am just in the process of finish off setting up my first cPanel server but I am having the follow problems when connecting to FTP:
Response:220---------- Welcome to Pure-FTPd [TLS] ----------
Response:220-You are user number 1 of 50 allowed.
Response:220-Local time is now 17:20. Server port: 21.
Response:220-IPv6 connections are also welcome on this server.
Response:220 You will be disconnected after 15 minutes of inactivity.
Command:USER xxxx
Response:331 User ehuk OK. Password required
Command:PASS ***********
Response:230-User ehuk has group access to: ehuk
Response:230 OK. Current restricted directory is /
Command:SYST
Response:215 UNIX Type: L8
Command:FEAT
Response:211-Extensions supported:
Response: EPRT
Response: IDLE
Response: MDTM
Response: SIZE
Response: REST STREAM
Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response: MLSD
Response: ESTP
Response: PASV
Response: EPSV
Response: SPSV
Response: ESTA
Response: AUTH TLS
Response: PBSZ
Response: PROT
Response:211 End.
Status:Connected
Status:Retrieving directory listing...
Command:PWD
Response:257 "/" is your current location
Command:TYPE I
Response:200 TYPE is now 8-bit binary
Command:PASV
Response:227 Entering Passive Mode (10,21,103,3,255,61)
Status:Server sent passive reply with unroutable address. Using server address instead.
Command:LIST
Error:Connection timed out
Error:Failed to retrieve directory listing
The server is behind a firewall, I can connect to the FTP via VPN but I cant connect via the remote IP, any ideas?
I know cPanel is designed for NAT but I have worked around this, the FTP is the only issue,
View 13 Replies
View Related
Sep 2, 2007
I have too many connection from 202.96.5.29 through pure-ftpd:
PHP Code:
Sep 3 00:27:24 server pure-ftpd: (?@202.96.5.29) [INFO] New connection from 202.96.5.29Sep 3 00:27:25 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [oracle]Sep 3 00:27:29 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [oracle]Sep 3 00:27:31 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [Administrator]Sep 3 00:27:39 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [oracle]Sep 3 00:27:49 server pure-ftpd: (?@202.96.5.29) [WARNING] Authentication failed for user [oracle]Sep 3 00:27:49 server pure-ftpd: (?@202.96.5.29) [ERROR] Too many authentication failuresSep 3 00:27:49 server pure-ftpd: (?@202.96.5.29) [INFO] New connection from 202.96.5.29
I block this ip (202.96.5.29 ) with:
PHP Code:
/sbin/iptables -I INPUT -s 202.96.5.29 -j DROProute add 202.96.5.29 reject
but is not blocked always I have same too many connection?
how can I force block this Ip?
View 7 Replies
View Related
Sep 14, 2007
/var/log/messages is full of messages like this every 5 minutes:
[INFO] New connection from 209.85.4.32
pure-ftpd: (?@209.85.4.32) [INFO] Logout
is there any way to stop it?
View 3 Replies
View Related
Feb 6, 2007
Is there a way to disable the temporary filename, for instance when I upload a file via ftp, the filename becomes .pureftp-24213421423. It returns back to the original filename when you abord the transfer or when it's completed.
View 2 Replies
View Related
Mar 3, 2007
I have a slight problem with one user trying to upload with FTP to the server. The problem is, if he is uploading a file that will take awhile... his FTP connection will be dropped if he visits his site during the transfer.
Me and a few others have tried duplicating the problem with no success. Our uploads do not get stopped. Anyhow, I took a guess that maybe it was a problem with APF our software based firewall. I turned it off for a few minutes, and then the users problems dissappeared.
I turned on full logging in APF, and had the user try yet again. Here is the output:
PHP Code:
Mar 3 17:23:22 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=21 DPT=61682 WINDOW=0 RES=0x00 RST URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64493 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK URGP=0
Mar 3 17:23:32 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x08 PREC=0x00 TTL=64 ID=65164 DF PROTO=TCP SPT=23301 DPT=61684 WINDOW=32767 RES=0x00 ACK URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64496 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK PSH URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64497 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64499 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK URGP=0
Mar 3 17:23:32 boundless kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:e0:81:44:f0:a2:00:d0:03:c2:a8:00:08:00 SRC=69.149.62.111 DST=69.65.12.230 LEN=1492 TOS=0x00 PREC=0x00 TTL=116 ID=64500 DF PROTO=TCP SPT=61684 DPT=23301 WINDOW=65535 RES=0x00 ACK PSH URGP=0
Mar 3 17:23:33 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=21 DPT=61682 WINDOW=0 RES=0x00 RST URGP=0
Mar 3 17:23:34 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x08 PREC=0x00 TTL=64 ID=65166 DF PROTO=TCP SPT=23301 DPT=61684 WINDOW=32767 RES=0x00 ACK URGP=0
Mar 3 17:23:39 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x08 PREC=0x00 TTL=64 ID=65168 DF PROTO=TCP SPT=23301 DPT=61684 WINDOW=32767 RES=0x00 ACK URGP=0
Mar 3 17:23:44 boundless kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=69.65.12.230 DST=69.149.62.111 LEN=40 TOS=0x08 PREC=0x00 TTL=64 ID=65170 DF PROTO=TCP SPT=23301 DPT=61684 WINDOW=32767 RES=0x00 ACK FIN URGP=0
Mar 3 17:23:44 boundless pure-ftpd: (lf4worl@69.149.62.111) [INFO] Timeout (no new data for 900 seconds)
The 17:23:44listings is the exact time he visited his site during the upload. The weird part is the Timeout message at that same exact time. No new data for 900 seconds...
Anyhow, I don't really want to post the full apf.conf if I don't have to... So can anyone take a guess at what APF rule might be causing the problem?
Also, why would it only be affecting 1 client when all the rest can visit their site while uploading?
View 2 Replies
View Related
Jan 12, 2008
I've been running pure-ftpd for around 4 months now without any problems, until around 24-48 hours ago file upload has been going a bit loopy.
When you upload a file the speed bounces considerably, and at times pauses on 0kbps until it then dies and fails the upload. 9/10 uploads I have tried have failed.
[R] Opening data connection IP: 74.86.20.181 PORT: 35283
[R] LIST -al
[R] 150 Accepted data connection
[R] 226-Options: -a -l
[R] 226 6 matches total
[R] List Complete: 374 bytes in 0.64 seconds (0.6 KB/s)
Transfer queue completed
1 File failed to transfer
[R] Connection lost: chacha
We have restarted pure-ftpd a number of times, but have had no luck.
Please could you try and upload a file (at least 10mb and please nothing dodgey) to this FTP account:
address: chacha.99k.org
user: chacha@99k.org
pass: password
And output the result.
Does anyone here have experience with pure-ftpd and would possibly consider giving my system a "once over"?
View 2 Replies
View Related
Jul 3, 2007
Everytime i rebooted my server, my FTPd is always down and it won't start unless i restart my FTPd via WHM (CPanel server)
Sometimes, named failed too.
View 7 Replies
View Related
Apr 7, 2008
Timezone on server is set to GMT -5 EDT
My timezone is GMT -5 EDT
Yet filezilla 3.x ftp client connected to my server's pure-ftpd server offsets time on transferred files by an hour, saying now at 8:52 that the file was uploaded to the server at 9:52.
WHM and uptime, etc. at the SSH prompt show server time correct, matching my own time.
But connecting via filezilla 3 I get:
Status: Calculating timezone offset of server...
Command:MDTM .htaccess
Response:213 20080208013750
Status:Timezone offsets: Server: -18000 seconds. Local: -14400 seconds. Difference: 3600 seconds.
Status: Directory listing successful
If I connect locally to pure-ftp via the server shell ftp, I get
Connected to localhost.
220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 20:52. Server port: 21.
which matches
$ uptime
20:52:28
The filezilla forums however indicate the problem is due to some "non-standards compliant setup" of my ftp server.
[url]
Quote:
As required in RFC 3659 [url]FileZilla assumed MDTM returns timestamps in UTC. Based on the timestamp return in the LIST reply and the corresponding MDTM reply, it calculates the timezone offset of the server.
Obviously this fails on broken or misconfigured servers.
I can assure you that it works fine on all standards-compliant servers.
Is there something I can tweak with pure-ftpd, or is this a Filezilla 3 bug?
View 9 Replies
View Related
May 29, 2008
Today I tried to setup pure-ftpd server on slackware linux and managed to do that I also enabled virtual users feature, but when I log in to ftp as virtual user I cannot create any dirs or change dirs.
My question is - how do I enable for virtual user: deleting, changing, renaming, creating files, dirs in his home ftp directory?
View 3 Replies
View Related
Aug 9, 2006
I signed up with Lunarpages a while back for a dedicated server for my business. Good price, managed hosting rocks, decent disk space... little problem once with a huge power outage, but **** happens, cool.
All is well until I wake up this morning to an email a minute about a failed cron job. It smells fishy, so I contact LUnar pages support to see whats up.
They inform me that some asswad had managed to brute force into my server using a temporary account I set up a while back for some tech support. (I prefaced this with 'im an idiot', so no you know why)
Either way, my server now has a rootkit, plus other **** im sure im not aware of... so they propose to move me to a brand new fresh box. im thinking they are gonna charge me a fee for this, a fee for that... no way. All is free of charge.
Im ****ting kittens now.
so im resetting everything up, and i manage to look myself out of my database...(i told you I was an idiot.. and this was a looooong day already)
they fix it. again. no problem...
If you are looking for a dedicated server, go to lunarpages. otherwise you are a freaking idiot as far as I am concerned...
Lunarpages, I love you, I want your babies...
PS: I am in no way affiliated with lunarpages... however, if they want to give me a free year on their servers, i wouldnt complain... *hint hint*
View 0 Replies
View Related
May 25, 2009
Is it possible to disable a particular mod_security rule for particular directory or the rules are global?
View 4 Replies
View Related
May 26, 2009
I want to block the icmp6 and traceroute on my ipv6 server,how can i do it?
View 1 Replies
View Related
Aug 15, 2008
I just installed mod_security via WHM, and want to know what rule should I enter to prevent some URLs from being opened.
For example, if URL contains word "abc" (like domain.com/some_folder/abc/file.php), it should not be opened.
View 4 Replies
View Related
Jun 4, 2008
how to set the rules of MOD_Security.
Another question for professionals:
Q: What are the best rules to secure my server? I'd appreciate if you managed to attach these rules to your replies. // FYI, I host VBulletin portals.
View 3 Replies
View Related