Why does ProFTPd stop at Entering Passive Mode on Debian on a Windows Virtualbox? [closed]

debian ftp virtual-machines proftpd

I have installed Debian Squeeze on a Windows computer with Oracle Virtualbox. Then I've port forwarded port 21 on the NAT adapter.

In Debian I've run:

apt-get install proftpd

Then I uncommented the PassivePorts so I have the ports 49152 to 49155 available as passive ports. Then I uncommented MasqueradeAddress and set it to 127.0.0.1

Then after trying to Quick Connect in FileZilla I get:

Status: Connecting to 127.0.0.1:21...
Status: Connection established, waiting for welcome message...
Response:   220 FTP Server ready.
Command:    USER webserver
Response:   331 Password required for webserver
Command:    PASS *
Response:   230 User webserver logged in
Command:    OPTS UTF8 ON
Response:   200 UTF8 set to on
Status: Connected
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/" is the current directory
Command:    TYPE I
Response:   200 Type set to I
Command:    PASV
Response:   227 Entering Passive Mode (127,0,0,1,192,3).
Command:    MLSD
Error:  Connection timed out
Error:  Failed to retrieve directory listing

How can this be fixed? It seems that it's something related to the VM, (running on the same machine right now), because all tutorials out there suppose it should work after just running the apt-get.


Solution 1:

You will need to enable PassivePorst in your proftd.conf -

   PassivePorts      35000 40000

Enable the ip_conntrack_ftp module 

   modprobe ip_conntrack_ftp

In your firewall, all the ports related to ftp/passive ftp have to be opened - 

 iptables -A INPUT  -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT

 iptables -A OUTPUT -p tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT

 iptables -A INPUT -p tcp --sport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT

 iptables -A OUTPUT -p tcp --dport 20 -m state --state ESTABLISHED -j ACCEPT


 iptables -A INPUT -p tcp --sport 1024: --dport 35000:40000  -m state --state ESTABLISHED -j ACCEPT

 iptables -A OUTPUT -p tcp --sport 1024: --dport 35000:40000  -m state --state ESTABLISHED,RELATED -j ACCEPT

Related

List existing file server permission groups/users
Remove local area code on outbound calls, and remove "dial 1" for long distance in Trixbox/Asterisk
Can APC recognise duplicate source files?
Virtual host for subdomain overriding default virtual host
Routing Strategy for Multiple VPCs on AWS
how to move/configure Mysql Database to another partition?
How to block users from seeing others processes?
keep certain number of backups with windows server backup
Log in to a single LUN of a target with iscsiadm (open-iscsi)?
How can i create AMI from instance-store based EC2 instance?
CSF firewal - how does csf.allow work?
Setting up NTP on 2 Linux boxes and one OpenBSD box