[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] vsftpd & epsv4 mode
yesterday I set up a vsftpd server - sucessfully ;-)
all common connections (from the beloved redmond tools) make no problems.
curiously the lukeftp command line tool has problems connecting the server. in
standard mode all command which active the passive mode fails:
229 Entering Extended Passive Mode (|||46597|)
...here is dead end. after googeling I discover the epsv4 toggle mode. after
disabling the extended passive commands, following server message appear:
227 Entering Passive Mode (XXX,XXX,XX,XX,23,72)
that works quite good. curiously I can establish a connection to this
ftp-server via VPN (and the private IP-Number). within my enterprise network
the 229 - Extended Passive Mode works!
therefore it is definitely not the fault of vsftpd. here comes my questions.
1) I assume the number "46579" is the port number given from the FTP server in
the case of epsv. the ",23-72" is the range of data port given by FTP in case
of pasv mode. is that correct?
therefore one firewall seems blocking the high-port 46579 in the case of
internet-connection (at VPN connection all traffice goes through..)??
2) if I establish with lukeftp a connection to "ftp.suse.com" I am immediately
in the pasv mode (instead epsv).
I assume SuSE also running vsftpd - therefore a setting must exist which
forces ftp-clients to use classical pasv mode.
unfortunately I could not find this option.
Mit freundlichen Grüßen / With kind regards
Dipl.-Ing. Harald Nikolisin
SOFiSTiK AG (Entwicklung)
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here