Link to home
Start Free TrialLog in
Avatar of Mark
Mark

asked on

linxux proftp connection refused

I swear, I go through this same problem every time I set up Linux, but I keep losing track of the solution.

I have a new Linux box, kernel version 2.6.21. It is on an office lan whose others hosts are all Windows boxes. I can 'run -> ftp hostname' from any windows worstation out into the real world, but I can't ftp to this linux box. I get 'connection refused'. On the linux machine I try "ftp localhost", same thing. I have enabled proftpd in inet.conf, put "windowshost: ALL" into my hosts.allow file and done 'kill -HUP 1' to restart inetd. No go. What more do I need to do?
Avatar of Duncan Roe
Duncan Roe
Flag of Australia image

As root, do an "lsof -i" and verify that inetd really is listening on port 21. "Connection refused" would indicate that it doesn't.
Try this:
~# chmod +x /etc/rc.d/rc.proftpd
~# /etc/rc.d/rc.proftpd start
~# ftp localhost

if it works, it should now start automatically on boot

Hi,
first check firewall settings, allow 21 port if firewall is eanbled
second, check the logs (/var/log/messages) for any information
AB
Avatar of Mark
Mark

ASKER

duncan_roe: when I run "lsof -i" there is nothing for ftp

wod: I am ftp'ing to another linux host fine that does not use rc.proftpd. I assume that one is just using services/inetd.conf. These appear to be configured propery on the 'bad' machine. the proftpd.conf files are identical on both.

When I run proftpd -t (test config file) I get:
 - IPv6 getaddrinfo 'webserver.ohprs.org' error: Name or service not known

When I run 'proftpd -n -d 1' I get the above message and:

webserver.ohprs.org - fatal: Socket operation on non-socket

Any idea what this is? My host name is webserver and the local domain is ohprs.org. These are configured in my /etc/hosts file.

Wassup? I'm needing this real soon!
ASKER CERTIFIED SOLUTION
Avatar of Duncan Roe
Duncan Roe
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Mark

ASKER

duncan roe: Yes, I've got exactly that. I'm thinking if I can fix the getaddrinfo error it might be OK. Any idea what the problem is on that?
Possibly proftpd was built for IPv6 but your kernel wan't(?)
It's odd though that you have that line in inetd.con yet you can't see the port listening. I wonder if this is a new inetd that uses a different config file? I would concentrate on resolving that for now.
Avatar of Mark

ASKER

This is a straight slackware download from about 3 months ago. I did no building, vanilla, out of the box. I didn't even have to add drivers. I'll work on the addressing first and get back to this thread. Thanks
Avatar of Mark

ASKER

OK - I've added my linux host to the LMhosts file on the Server 2003. So now I can reference the host by name from there. However, this made no difference on proftpd. I've posted my proftpd.conf file below. I'll repeat the error messages here:

When I run proftpd -t (test config file) I get:
 - IPv6 getaddrinfo 'webserver.ohprs.org' error: Name or service not known

When I run 'proftpd -n -d 1' I get the above message and:

webserver.ohprs.org - fatal: Socket operation on non-socket

These messages don't tell me anything useful (to me). Does anyone know what they mean?

duncan_roe, inetd doesn't appear to have a version switch, but ident shows:
     $OpenBSD: inetd.c,v 1.79 2001/01/30 08:30:57 deraadt Exp $
     $Slackware: inetd.c 1.79s 2001/02/06 13:18:00 volkerdi Exp $
these don't look all that new. In fact they are the same as on the older Linix 2.4.29 where proftpd seems to run fine.

Below the proftpd.conf listing is the version/configuration of proftpd on the system that is NOT working: proftpd -V

ALL HELP GREATLY APPRECIATED!!!
# This is a basic ProFTPD configuration file.
# It establishes a single server and a single anonymous login.
# It assumes that you have a user/group "nobody" and "ftp"
# for normal/anonymous operation.
 
ServerName                      "ProFTPD Default Installation"
#ServerType                     standalone
ServerType                      inetd
DefaultServer                   on
 
# Port 21 is the standard FTP port.
Port                            21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022
 
# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30
 
# Set the user and group that the server normally runs at.
#User                           nobody
#Group                          nogroup
User                            ftp
Group                           ftp
 
# This next option is required for NIS or NIS+ to work properly:
#PersistentPasswd off
 
SystemLog                       /var/log/proftpd.log
TransferLog                     /var/log/xferlog
 
# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite                on
</Directory>
 
# A basic anonymous FTP server configuration.
# To enable this, remove the user ftp from /etc/ftpusers.
<Anonymous ~ftp>
  RequireValidShell             off
  User                          ftp
  Group                         ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                     anonymous ftp
 
  # Limit the maximum number of anonymous logins
  MaxClients                    50
 
  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                  welcome.msg
  DisplayFirstChdir             .message
 
  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
 
  # An upload directory that allows storing files but not retrieving
  # or creating directories.
#  <Directory incoming/*>
#    <Limit READ>
#      DenyAll
#    </Limit>
#
#    <Limit STOR>
#      AllowAll
#    </Limit>
#  </Directory>
 
</Anonymous>
 
 
> proftpd -V
Compile-time Settings:
  Version: 1.3.0a
  Platform: LINUX
  Built With:
    configure --prefix=/usr --sysconfdir=/etc --enable-autoshadow --enable-ctrls --enable-ipv6 --localstatedir=/var/run --with-modules=mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin i486-slackware-linux
 
  Files:
    Configuration File:
      /etc/proftpd.conf
    Pid File:
      /var/run/proftpd.pid
    Scoreboard File:
      /var/run/proftpd/proftpd.scoreboard
 
  Features:
    + Autoshadow support
    + Controls support
    + curses support
    - Developer support
    - DSO support
    + IPv6 support
    + Largefile support
    + ncurses support
    - POSIX ACL support
    + Shadow file support
    + Sendfile support
 
  Tunable Options:
    PR_TUNABLE_BUFFER_SIZE = 1024
    PR_TUNABLE_GLOBBING_MAX = 8
    PR_TUNABLE_HASH_TABLE_SIZE = 40
    PR_TUNABLE_NEW_POOL_SIZE = 512
    PR_TUNABLE_RCVBUFSZ = 87380
    PR_TUNABLE_SCOREBOARD_BUFFER_SIZE = 80
    PR_TUNABLE_SCOREBOARD_SCRUB_TIMER = 30
    PR_TUNABLE_SELECT_TIMEOUT = 30
    PR_TUNABLE_SNDBUFSZ = 16384
    PR_TUNABLE_TIMEOUTIDENT = 10
    PR_TUNABLE_TIMEOUTIDLE = 600
    PR_TUNABLE_TIMEOUTLINGER = 180
    PR_TUNABLE_TIMEOUTLOGIN = 300
    PR_TUNABLE_TIMEOUTNOXFER = 300
    PR_TUNABLE_TIMEOUTSTALLED = 3600
    PR_TUNABLE_XFER_BUFFER_SIZE = 16384
    PR_TUNABLE_XFER_SCOREBOARD_UPDATES = 10

Open in new window

Avatar of Mark

ASKER

More information. I copied the proftpd version 1.2.10 from my older Linux system and replaced the 1.3.0a version on the newer Linux. This time proftpd -t worked. If I change the proftpd.conf file to specify standalone and run 'proftpd -n -d 1', that now works and I can ftp files. I can also now use inetd. There must be some funky build setting in the 1.3.0a version. I suppose I could research it, but the heck with that! I'll just run 1.2.10.
Avatar of Mark

ASKER

(in fact, maybe all I had to do was kill -HUP (inetd process)?!