[SOLVED] VSFTPD user info missing? Getting connection refused.
Posted: 2011/09/03 02:44:29
I have a small home network that I run Win XP, Win7, Vista and CentOS 6 on. They are connected to a router for internet access.
Previously, on CentOS 5.5, I set up VSFTPD quite successfully to permit access from outside to the VSFTPD server. I tried to duplicate this on CentOS 6, but it's not working. On XP, WS_FTP-LE (the ftp client) gives me a "connection refused" message.
The CentOS machine has been assigned a static IP address, and VSFTPD has been set up to disallow local and anonymous logins. SELinux has been disabled as has the firewall. The router has been set up with a DMZ (to the CentOS IP address). There is only one other user - a normal user - defined in the system. I'm trying to log in with that name.
I can ping the CentOS machine via the LAN address (192.168...) and via the router IP address (99.xxx.xxx.xxx), and get packets back successfully. But I cannot verify that the router forwards to the CentOS machine.
I cannot understand the difference between inetd-started vsftpd and the non-inetd-started variety, i.e. how they are different in operation.
My goal is to vector the one user's FTP to a specific folder on the machine, say '/mnt/bigdisk/FTPShare/'
Here is the vsftpd.conf file:
[code]
#The following lists directives which affect vsftpd's logging behavior.
dual_log_enable=NO
log_ftp_protocol=NO
syslog_enable=NO
#vsftpd_log_file
xferlog_enable=YES
#xferlog_file
#xferlog_std_format
ls_recurse_enable=NO
ascii_download_enable=NO
async_abor_enable=YES
#Network Options
#The following lists directives which affect how vsftpd interacts with the network.
#1-Disable port style connection = Yes by default.
port_enable=NO
#2-connect_from_port_20 is NO by default.
connect_from_port_20=NO
#3-Enable passive connection: Yes by default.
pasv_enable=YES
accept_timeout=60
anon_max_rate=0
connect_timeout=60
data_connection_timeout=300
ftp_data_port=20
idle_session_timeout=300
#listen_address
#listen_address6
one_process_model=YES
listen_port=21
local_max_rate=0
max_clients=1
max_per_ip=1
#pasv_address Specifies the IP address for the public facing IP address of the server for servers behind Network Address
# Translation (NAT) firewalls.
# This enables vsftpd to hand out the correct return address for passive mode connections.
pasv_enable=YES
pasv_max_port=0
pasv_min_port=0
#pasv_promiscuous
[/code]
And here is the vsftpd.xinetd file
[code]
# default: off
# description: The vsftpd FTP server serves FTP connections. It uses \
# normal, unencrypted usernames and passwords for authentication.
service ftp
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftpd
server_args = /etc/vsftpd/vsftpd.conf
nice = 10
disable = yes
flags = IPv4
banner_fail = /etc/vsftpd.busy_banner
per_source = 1
instances = 1
log_on_success += PID HOST DURATION
log_on_failure += HOST
}
[/code]
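Added example, not part of the original post: a small Python check that reads a vsftpd.conf and an xinetd service block and reports which launcher, if any, would accept connections on the FTP control port. It relies on vsftpd's documented `listen` and `listen_ipv6` options (default NO, meaning vsftpd expects to be started by an inetd-style parent) and on xinetd's `disable` attribute; the function names are hypothetical, and the sample input is constructed from the launch-relevant lines of the two files as posted, which may not be the complete files.

```python
import re

# Constructed sample input: launch-relevant lines copied from the two files in the post.
VSFTPD_CONF = "#listen_address\none_process_model=YES\nlisten_port=21\npasv_enable=YES\n"
XINETD_FTP = "service ftp\n{\nsocket_type = stream\nserver = /usr/sbin/vsftpd\ndisable = yes\n}\n"

TRUE_VALUES = {"YES", "TRUE", "1"}  # spellings vsftpd accepts for an enabled boolean


def parse_vsftpd(text):
    """Return {option: value}. vsftpd.conf uses option=value with '#' comment lines."""
    opts = {}
    for line in text.splitlines():
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            opts[key] = value
    return opts


def parse_xinetd(text):
    """Return {attribute: value} from one xinetd service block ('=' or '+=' assignments)."""
    attrs = {}
    for line in text.splitlines():
        m = re.match(r"\s*(\w+)\s*\+?=\s*(.*\S)", line)
        if m:
            attrs[m.group(1)] = m.group(2)
    return attrs


def launch_mode(conf_text, xinetd_text):
    """Classify who would accept connections on the FTP control port."""
    conf, xi = parse_vsftpd(conf_text), parse_xinetd(xinetd_text)
    # listen / listen_ipv6 default to NO: vsftpd then expects an inetd-style parent.
    standalone = any(conf.get(k, "NO").upper() in TRUE_VALUES for k in ("listen", "listen_ipv6"))
    # An xinetd service is active unless its block says disable = yes.
    via_xinetd = xi.get("disable", "no").lower() != "yes"
    if standalone and via_xinetd:
        return "conflict", "vsftpd and xinetd would both try to bind the control port"
    if standalone:
        return "standalone", "vsftpd binds listen_port itself"
    if via_xinetd:
        return "xinetd", "xinetd holds the socket and starts vsftpd per connection"
    return "none", "nothing accepts connections, so clients get 'connection refused'"


if __name__ == "__main__":
    print(launch_mode(VSFTPD_CONF, XINETD_FTP))
```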