vsftpd

Issues related to applications and software problems
Duerdum9
Posts: 18
Joined: 2012/02/17 00:14:12
Contact:

Re: vsftpd

Post by Duerdum9 » 2012/02/21 15:22:00

The installation is about 600mb, or so. A company is hosting the server, Called Virpus (Xen). All I got is root access, SSH & remote access (eg, reboot etc).

When I do 'yum update' it says "no packages are flagged for update' something like that. Though, after I got the server I did do yum update - it took a while for it to update all the packages.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: vsftpd

Post by pschaff » 2012/02/21 15:28:17

The name seems to indicate a VM but not a Xen kernel. Still seems you could run the latest if it is installed. Might need to check /boot/grub/grub.conf and make sure the default is set properly, and /etc/sysconfig/kernel if it is not.

Duerdum9
Posts: 18
Joined: 2012/02/17 00:14:12
Contact:

Re: vsftpd

Post by Duerdum9 » 2012/02/21 15:41:45

[quote]
pschaff wrote:
The name seems to indicate a VM but not a Xen kernel. Still seems you could run the latest if it is installed. Might need to check /boot/grub/grub.conf and make sure the default is set properly, and /etc/sysconfig/kernel if it is not.[/quote]
http://pastebin.com/DU2BQnt4 - That's the /boot/grub/grub.conf
& /etc/sysonfig/kernel - no folder nor file called that.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: vsftpd

Post by pschaff » 2012/02/21 16:07:47

No need to use a pastebin for short output. Here it is for reference:
[code]default=1
timeout=10
title CentOS (2.6.32-220.4.2.el6.x86_64)
root (hd0,0)
kernel /boot/vmlinuz-2.6.32-220.4.2.el6.x86_64 console=hvc0 xencons=tty0 root=/dev/xvda1 ro crashkernel=auto
initrd /boot/initramfs-2.6.32-220.4.2.el6.x86_64.img
title vmlinuz-2.6.32-71.29.1.el6.x86_64
root (hd0,0)
kernel /boot/vmlinuz-2.6.32-71.29.1.el6.x86_64 console=hvc0 xencons=tty0 root=/dev/xvda1 ro
initrd /boot/initramfs-2.6.32-71.29.1.el6.x86_64.img[/code]

The default counts from zero so change "default=1" to "default=0" to boot the latest kernel. Check /etc/sysconfig/kernel to see that UPDATEDEFAULT is set properly:
[code]# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes

# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel
[/code]

Duerdum9
Posts: 18
Joined: 2012/02/17 00:14:12
Contact:

Re: vsftpd

Post by Duerdum9 » 2012/02/21 16:19:24

[quote]
pschaff wrote:
The default counts from zero so change "default=1" to "default=0" to boot the latest kernel. Check /etc/sysconfig/kernel to see that UPDATEDEFAULT is set properly:
[code]# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes

# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel
[/code][/quote]
I did the first thing you said. Since there wasn't the other file you explained, I tried to reboot it. Now I can connect via SSH, but not FTP anymore. I did 'cd /etc/sysconfig' then 'ls' - It didn't display any file, called "kernel".

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: vsftpd

Post by pschaff » 2012/02/21 18:58:37

I don't recall ever not having /etc/sysconfig/kernel but perhaps the minimal install does not create it.

As far as connectivity - what is the current state of the firewall rules? Is the vsftpd service running? It is not started by default unless you set it [b]on[/b] with [b]chkconfig[/b].

Ziftpay-adm
Posts: 1
Joined: 2016/05/23 16:25:17

Re: vsftpd

Post by Ziftpay-adm » 2016/05/23 16:33:24

I know this is an old post, but I just wanted to update and confirm in the solution that TrevorH provided of opening iptables on port 20/21 for the connecting host and then using the ip_conntrack_ftp kernel module.

Code: Select all

iptables -I INPUT -s xxx.xxx.xxx.xxx -p tcp -m tcp --dport 21 -j ACCEPT
iptables -I INPUT -s xxx.xxx.xxx.xxx -p tcp -m tcp --dport 20 -j ACCEPT
note: xxx.xxx.xxx.xxx should represent the source ip address of connecting client

after this enable the ip_conntrack_ftp kernel module by:

Code: Select all

modprobe ip_conntrack_ftp
After making these alterations on my centos 6.6 release I was able to get my filezilla connections to work appropriately.

Below is another website that confirms these steps:

https://major.io/2007/07/01/active-ftp- ... -iptables/

Post Reply