[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] vsftpd & epsv4 mode

hi list

yesterday I set up a vsftpd server - sucessfully ;-)
all common connections (from the beloved redmond tools) make no problems.

curiously the lukeftp command line tool has problems connecting the server. in 
standard mode all command which active the passive mode fails:

229 Entering Extended Passive Mode (|||46597|)

...here is dead end. after googeling I discover the epsv4 toggle mode. after 
disabling the extended passive commands, following server message appear:

227 Entering Passive Mode (XXX,XXX,XX,XX,23,72)

that works quite good. curiously I can establish a connection to this 
ftp-server via VPN (and the private IP-Number). within my enterprise network 
the 229 - Extended Passive Mode works!
therefore it is definitely not the fault of vsftpd. here comes my questions.

1) I assume the number "46579" is the port number given from the FTP server in 
the case of epsv. the ",23-72" is the range of data port given by FTP in case 
of pasv mode. is that correct?
therefore one firewall seems blocking the high-port 46579 in the case of 
internet-connection (at VPN connection all traffice goes through..)??
2) if I establish with lukeftp a connection to "ftp.suse.com" I am immediately 
in the pasv mode (instead epsv). 
I assume SuSE also running vsftpd - therefore a setting must exist which 
forces ftp-clients to use classical pasv mode.
unfortunately I could not find this option.


Mit freundlichen Grüßen / With kind regards

Dipl.-Ing. Harald Nikolisin
SOFiSTiK AG (Entwicklung)

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here