go4java
asked on
Linksys NSLU2 // FTP Port 21 disabled, FTP not possible
I've the NSLU2 box since 2 years and discovered some time ago, that FTP does not work anymore.
I scanned the box and this is the result of the port scan:
Scanning NSLU2 (192.168.178.99) [1714 ports]
Discovered open port 22/tcp on 192.168.178.99
Discovered open port 80/tcp on 192.168.178.99
Discovered open port 23/tcp on 192.168.178.99
Discovered open port 445/tcp on 192.168.178.99
Discovered open port 873/tcp on 192.168.178.99
Discovered open port 139/tcp on 192.168.178.99
1. Port 21 does not appear?
2. Tried active + passive mode access, does not work
3. Firewall rules were set to port 21
4. all network devices within LAN are in subnet 192.168.178
Is there a way to re-install FTP on NSLU2 as it was at the beginning?
I scanned the box and this is the result of the port scan:
Scanning NSLU2 (192.168.178.99) [1714 ports]
Discovered open port 22/tcp on 192.168.178.99
Discovered open port 80/tcp on 192.168.178.99
Discovered open port 23/tcp on 192.168.178.99
Discovered open port 445/tcp on 192.168.178.99
Discovered open port 873/tcp on 192.168.178.99
Discovered open port 139/tcp on 192.168.178.99
1. Port 21 does not appear?
2. Tried active + passive mode access, does not work
3. Firewall rules were set to port 21
4. all network devices within LAN are in subnet 192.168.178
Is there a way to re-install FTP on NSLU2 as it was at the beginning?
If you can telnet to the box, check to make sure that ftp is up and running. It looks like it is based on the fact that you could connect to it from itself.
If it is up and running, then a firewall somewhere is blocking port 21. Uninstalling and re-installing ftp will not fix this.
You need to look at the firewall settings. What OS is this?
If it is up and running, then a firewall somewhere is blocking port 21. Uninstalling and re-installing ftp will not fix this.
You need to look at the firewall settings. What OS is this?
ASKER
All firewalls (except the Gateway) are down.
All components within LAN.
It's a stripped Mini-Linux OS 2.x.
All components within LAN.
It's a stripped Mini-Linux OS 2.x.
Telnet to the box and issue the command:
netstat -anA inet
This should show all the open ip sockets for IPV4 addresses. Look to verify that there is on listening on port 21 and what IP address it is listening on.
netstat -anA inet
This should show all the open ip sockets for IPV4 addresses. Look to verify that there is on listening on port 21 and what IP address it is listening on.
ASKER
...that's what I got:
NSLU2 login: root
Password:
Welcome to Unslung V2.3R63-uNSLUng-6.8-beta
---------- NOTE: THIS SYSTEM IS CURRENTLY UNSLUNG ----------
BusyBox v0.60.4 (2005.03.22-06:52+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
# bash
bash-3.2# netstat -anA inet
bash: netstat: command not found
bash-3.2#
NSLU2 login: root
Password:
Welcome to Unslung V2.3R63-uNSLUng-6.8-beta
---------- NOTE: THIS SYSTEM IS CURRENTLY UNSLUNG ----------
BusyBox v0.60.4 (2005.03.22-06:52+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
# bash
bash-3.2# netstat -anA inet
bash: netstat: command not found
bash-3.2#
O.K. it seems that this a really stripped down. So I am not sure what command are available or not. Basically you need to figure out if the ftp server is running and what IP address and port it is listening on. Generally the netstat command would provide that.
netstat may be there, it just may not be in the default path. You may want to try looking for it in some of the "obvious" places:
/bin
/sbin
/usr/bin
/usr/sbin
if NSLU2 has the find command you could try looking for it by entering:
find / -name netstat
You could try and look at the ftp servers configuration, but not knowing which ftp server your running with I have no clue which file to look at.
netstat may be there, it just may not be in the default path. You may want to try looking for it in some of the "obvious" places:
/bin
/sbin
/usr/bin
/usr/sbin
if NSLU2 has the find command you could try looking for it by entering:
find / -name netstat
You could try and look at the ftp servers configuration, but not knowing which ftp server your running with I have no clue which file to look at.
ASKER
...there are some commands available, under /opt/bin.
But not sure whether these are executables, I get the same error as above.
Are these links to other places? => Screenshot
ScreenShot-002.jpg
But not sure whether these are executables, I get the same error as above.
Are these links to other places? => Screenshot
ScreenShot-002.jpg
Based on what little I can see netstsat is symbolically linked to /opt/bin/net-tools-netstat .
If net-tools-netstat is the same as netstat, then you should be able to enter:
/opt/bin/net-tools-netstat -anA inet
and get back a list of what ports are open. You want to look for port 21.
If net-tools-netstat is the same as netstat, then you should be able to enter:
/opt/bin/net-tools-netstat
and get back a list of what ports are open. You want to look for port 21.
ASKER
...the output:
# bash
bash-3.2# cd /opt/bin
bash-3.2# ls nets*
netstat
bash-3.2# /opt/bin/net-tools-netstat -anA inet
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.178.99:9000 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
tcp 0 138 192.168.178.99:23 192.168.178.24:1605 ESTABLISHED
tcp 0 0 192.168.178.99:139 192.168.178.24:1564 ESTABLISHED
tcp 0 0 192.168.178.99:9000 192.168.178.24:1039 ESTABLISHED
udp 0 0 192.168.178.99:137 0.0.0.0:*
udp 0 0 0.0.0.0:137 0.0.0.0:*
udp 0 0 192.168.178.99:138 0.0.0.0:*
udp 0 0 0.0.0.0:138 0.0.0.0:*
udp 0 0 0.0.0.0:915 0.0.0.0:*
udp 0 0 0.0.0.0:917 0.0.0.0:*
udp 0 0 0.0.0.0:918 0.0.0.0:*
udp 0 0 127.0.0.1:1078 0.0.0.0:*
udp 0 0 192.168.178.99:1900 0.0.0.0:*
udp 0 0 239.255.255.250:1900 0.0.0.0:*
udp 0 0 192.168.178.99:9080 0.0.0.0:*
bash-3.2#
# bash
bash-3.2# cd /opt/bin
bash-3.2# ls nets*
netstat
bash-3.2# /opt/bin/net-tools-netstat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.178.99:9000 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
tcp 0 138 192.168.178.99:23 192.168.178.24:1605 ESTABLISHED
tcp 0 0 192.168.178.99:139 192.168.178.24:1564 ESTABLISHED
tcp 0 0 192.168.178.99:9000 192.168.178.24:1039 ESTABLISHED
udp 0 0 192.168.178.99:137 0.0.0.0:*
udp 0 0 0.0.0.0:137 0.0.0.0:*
udp 0 0 192.168.178.99:138 0.0.0.0:*
udp 0 0 0.0.0.0:138 0.0.0.0:*
udp 0 0 0.0.0.0:915 0.0.0.0:*
udp 0 0 0.0.0.0:917 0.0.0.0:*
udp 0 0 0.0.0.0:918 0.0.0.0:*
udp 0 0 127.0.0.1:1078 0.0.0.0:*
udp 0 0 192.168.178.99:1900 0.0.0.0:*
udp 0 0 239.255.255.250:1900 0.0.0.0:*
udp 0 0 192.168.178.99:9080 0.0.0.0:*
bash-3.2#
O.K. There is something listening on port 21 and it is safe to assume it is ftp. Do you no if NSLU2 has iptables installed and configured?
You can try issuing the command:
iptables -L
If that does not work, then try using the find command to see if iptables exists.
You can try issuing the command:
iptables -L
If that does not work, then try using the find command to see if iptables exists.
ASKER
iptables unfortunately is not installed with Unslung and from what I read it's not easy to install/configure:
http://www.nslu2-linux.org/wiki/HowTo/EnableFirewall
...besides possible implications to a running system ;-)
Any other way to find out what you need?
http://www.nslu2-linux.org/wiki/HowTo/EnableFirewall
...besides possible implications to a running system ;-)
Any other way to find out what you need?
O.K. You stated that you had a firewall. Where is the firewall? On your computer or is it on some device inbetween your computer and the NSLU2 box?
ASKER
...the firewall is on my router (AVM Fritz box 7170, the most common router here in Germany).
This firewall only blocks traffic from the outside (Internet).
This router also works as 4-port-switch, modem, VoIP etc.
The firewall rules / port forwarding - but actually not used by my LAN - are set:
port 21 (FTP) -> NSLU2
port 80 (http) -> Network Camera
No firewall on my PC or the NSLU2.
I fear the FTP service of my NSLU2 is somehow corrupt...
This firewall only blocks traffic from the outside (Internet).
This router also works as 4-port-switch, modem, VoIP etc.
The firewall rules / port forwarding - but actually not used by my LAN - are set:
port 21 (FTP) -> NSLU2
port 80 (http) -> Network Camera
No firewall on my PC or the NSLU2.
I fear the FTP service of my NSLU2 is somehow corrupt...
I am assuming that you have "stopped and restarted" the NSLU2 box. Assuming NSLU2 has logs (normally in /var/log/messages) are there any error messages in the log file?
Have you checked the ftp server configuration? Have you stopped and restarted just the ftp server? Sometimes ftp is controlled by a process called inetd. You may want to verify the inetd configuartion.
Have you checked the ftp server configuration? Have you stopped and restarted just the ftp server? Sometimes ftp is controlled by a process called inetd. You may want to verify the inetd configuartion.
ASKER
...the file /var/log/messages contains:
<78>Feb 5 03:02:59 cron[435]: loading crontab file /etc/crontab
<44>Feb 5 03:04:44 klogd: EXT3-fs warning: maximal mount count reached, running e2fsck is recommended
<46>Feb 5 03:04:44 klogd: EXT3 FS 2.4-0.9.19, 19 August 2002 on sd(8,17), internal journal
<78>Feb 5 03:05:09 /opt/sbin/cron[495]: (CRON) STARTUP (V5.0)
<31>Feb 5 03:05:10 xinetd[502]: Reading included configuration file: /opt/etc/xinetd.d/telnetd [file=/opt/etc/xinetd.conf ] [line=15]
<31>Feb 5 03:05:10 xinetd[502]: Reading included configuration file: /opt/etc/xinetd.d/vsftpd [file=/opt/etc/xinetd.d/vs ftpd] [line=15]
<28>Feb 5 03:05:10 xinetd[502]: Bad service flag: REUSE^M [file=/opt/etc/xinetd.d/vs ftpd] [line=3]
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute flags - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs ftpd] [line=3]
<27>Feb 5 03:05:10 xinetd[502]: Bad socket type: stream^M [file=/opt/etc/xinetd.d/vs ftpd] [line=4]
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute socket_type - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs ftpd] [line=4]
<27>Feb 5 03:05:10 xinetd[502]: Protocol tcp^M not in /etc/protocols [file=/opt/etc/xinetd.d/vs ftpd] [line=5]
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute protocol - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs ftpd] [line=5]
<27>Feb 5 03:05:10 xinetd[502]: Bad value for wait: no^M [file=/opt/etc/xinetd.d/vs ftpd] [line=6]
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute wait - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs ftpd] [line=6]
<27>Feb 5 03:05:10 xinetd[502]: Unknown user: root^M [file=/opt/etc/xinetd.d/vs ftpd] [line=7]
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute user - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs ftpd] [line=7]
<27>Feb 5 03:05:10 xinetd[502]: Server /opt/sbin/vsftpd^M is not executable [file=/opt/etc/xinetd.d/vs ftpd] [line=8]
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute server - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs ftpd] [line=8]
<31>Feb 5 03:05:10 xinetd[502]: removing ftp^M
<29>Feb 5 03:05:10 xinetd[502]: xinetd Version 2.3.14 started with no options compiled in.
<29>Feb 5 03:05:10 xinetd[502]: Started working: 1 available service
<38>Feb 5 03:05:10 sshd[509]: Server listening on 0.0.0.0 port 22.
<38>Feb 5 03:05:11 saslauthd[522]: detach_tty : master pid is: 522
<38>Feb 5 03:05:11 saslauthd[522]: ipc_init : listening on socket: /opt/var/state/saslauthd/m ux
<158>Feb 5 03:05:13 rsyncd[529]: rsyncd version 2.6.9 starting, listening on port 873
...and these are the currently running processes:
# bash
bash-3.2# ps
PID TTY Uid Size State Command
1 root 1212 S /bin/init
2 root 0 S [keventd]
3 root 0 R [ksoftirqd_CPU0]
4 root 0 S [kswapd]
5 root 0 S [bdflush]
6 root 0 S [kupdated]
7 root 0 S [mtdblockd]
8 root 0 S [khubd]
9 root 0 S [jffs2_gcd_mtd4]
10 root 0 S [usb-storage-0]
11 root 0 S [scsi_eh_1]
16 root 0 S [sd-mc-thread]
19 root 0 S [usb-storage-1]
20 root 0 S [scsi_eh_0]
29 root 0 S [kjournald]
52 root 0 D [ixp425_csr]
53 root 0 S [ixp425 ixp0]
56 ttyS0 root 1916 S /bin/sh
57 root 1936 S /sbin/syslogd -n
58 root 1924 S /sbin/klogd -n
154 root 0 S [kjournald]
159 root 0 S [kjournald]
355 root 2144 S /usr/sbin/thttpd -C /etc/thttpd.conf
379 root 6160 S /usr/sbin/smbd -D
381 root 4812 S /usr/sbin/nmbd -D
401 root 6160 S /usr/sbin/smbd -D
409 root 1952 S /usr/sbin/QuickSet
413 root 1904 S /usr/sbin/USB_Detect
418 root 1900 S /usr/sbin/USB_Detect
421 root 1884 S /usr/sbin/onetouch_detect
422 root 1884 S /usr/sbin/onetouch_detect
435 root 1296 S /usr/sbin/crond
442 root 1928 S /usr/sbin/CheckResetButton
444 root 1196 S /usr/sbin/CheckPowerButton
448 root 1196 S /usr/sbin/do_umount
495 root 1320 S /opt/sbin/cron
502 root 2280 S /opt/sbin/xinetd
509 root 3204 S /opt/sbin/sshd
522 root 1552 S /opt/sbin/saslauthd -a getpwent -n 1
529 root 1556 S /opt/bin/rsync --daemon
542 root 1312 S /share/hdd/data/twonkyvisi on/twonkym edia
543 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
544 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
545 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
546 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
547 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
548 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
549 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
551 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
793 root 16668 S /share/hdd/data/twonkyvisi on/twonkym ediaser
1460 root 2144 S /usr/sbin/thttpd -C /etc/thttpd.conf
1476 root 1288 R /bin/inetd
1477 root 1256 R telnetd
1478 ttyp0 root 1928 S -sh
1483 ttyp0 root 2148 S bash
1484 root 5968 S sshd: root@notty
1486 root 1912 S sh -c /opt/libexec/sftp-server
1487 root 3088 S /opt/libexec/sftp-server
1494 ttyp0 root 1984 R ps
bash-3.2#
<78>Feb 5 03:02:59 cron[435]: loading crontab file /etc/crontab
<44>Feb 5 03:04:44 klogd: EXT3-fs warning: maximal mount count reached, running e2fsck is recommended
<46>Feb 5 03:04:44 klogd: EXT3 FS 2.4-0.9.19, 19 August 2002 on sd(8,17), internal journal
<78>Feb 5 03:05:09 /opt/sbin/cron[495]: (CRON) STARTUP (V5.0)
<31>Feb 5 03:05:10 xinetd[502]: Reading included configuration file: /opt/etc/xinetd.d/telnetd [file=/opt/etc/xinetd.conf
<31>Feb 5 03:05:10 xinetd[502]: Reading included configuration file: /opt/etc/xinetd.d/vsftpd [file=/opt/etc/xinetd.d/vs
<28>Feb 5 03:05:10 xinetd[502]: Bad service flag: REUSE^M [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute flags - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Bad socket type: stream^M [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute socket_type - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Protocol tcp^M not in /etc/protocols [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute protocol - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Bad value for wait: no^M [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute wait - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Unknown user: root^M [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute user - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Server /opt/sbin/vsftpd^M is not executable [file=/opt/etc/xinetd.d/vs
<27>Feb 5 03:05:10 xinetd[502]: Error parsing attribute server - DISABLING SERVICE [file=/opt/etc/xinetd.d/vs
<31>Feb 5 03:05:10 xinetd[502]: removing ftp^M
<29>Feb 5 03:05:10 xinetd[502]: xinetd Version 2.3.14 started with no options compiled in.
<29>Feb 5 03:05:10 xinetd[502]: Started working: 1 available service
<38>Feb 5 03:05:10 sshd[509]: Server listening on 0.0.0.0 port 22.
<38>Feb 5 03:05:11 saslauthd[522]: detach_tty : master pid is: 522
<38>Feb 5 03:05:11 saslauthd[522]: ipc_init : listening on socket: /opt/var/state/saslauthd/m
<158>Feb 5 03:05:13 rsyncd[529]: rsyncd version 2.6.9 starting, listening on port 873
...and these are the currently running processes:
# bash
bash-3.2# ps
PID TTY Uid Size State Command
1 root 1212 S /bin/init
2 root 0 S [keventd]
3 root 0 R [ksoftirqd_CPU0]
4 root 0 S [kswapd]
5 root 0 S [bdflush]
6 root 0 S [kupdated]
7 root 0 S [mtdblockd]
8 root 0 S [khubd]
9 root 0 S [jffs2_gcd_mtd4]
10 root 0 S [usb-storage-0]
11 root 0 S [scsi_eh_1]
16 root 0 S [sd-mc-thread]
19 root 0 S [usb-storage-1]
20 root 0 S [scsi_eh_0]
29 root 0 S [kjournald]
52 root 0 D [ixp425_csr]
53 root 0 S [ixp425 ixp0]
56 ttyS0 root 1916 S /bin/sh
57 root 1936 S /sbin/syslogd -n
58 root 1924 S /sbin/klogd -n
154 root 0 S [kjournald]
159 root 0 S [kjournald]
355 root 2144 S /usr/sbin/thttpd -C /etc/thttpd.conf
379 root 6160 S /usr/sbin/smbd -D
381 root 4812 S /usr/sbin/nmbd -D
401 root 6160 S /usr/sbin/smbd -D
409 root 1952 S /usr/sbin/QuickSet
413 root 1904 S /usr/sbin/USB_Detect
418 root 1900 S /usr/sbin/USB_Detect
421 root 1884 S /usr/sbin/onetouch_detect
422 root 1884 S /usr/sbin/onetouch_detect
435 root 1296 S /usr/sbin/crond
442 root 1928 S /usr/sbin/CheckResetButton
444 root 1196 S /usr/sbin/CheckPowerButton
448 root 1196 S /usr/sbin/do_umount
495 root 1320 S /opt/sbin/cron
502 root 2280 S /opt/sbin/xinetd
509 root 3204 S /opt/sbin/sshd
522 root 1552 S /opt/sbin/saslauthd -a getpwent -n 1
529 root 1556 S /opt/bin/rsync --daemon
542 root 1312 S /share/hdd/data/twonkyvisi
543 root 16668 S /share/hdd/data/twonkyvisi
544 root 16668 S /share/hdd/data/twonkyvisi
545 root 16668 S /share/hdd/data/twonkyvisi
546 root 16668 S /share/hdd/data/twonkyvisi
547 root 16668 S /share/hdd/data/twonkyvisi
548 root 16668 S /share/hdd/data/twonkyvisi
549 root 16668 S /share/hdd/data/twonkyvisi
551 root 16668 S /share/hdd/data/twonkyvisi
793 root 16668 S /share/hdd/data/twonkyvisi
1460 root 2144 S /usr/sbin/thttpd -C /etc/thttpd.conf
1476 root 1288 R /bin/inetd
1477 root 1256 R telnetd
1478 ttyp0 root 1928 S -sh
1483 ttyp0 root 2148 S bash
1484 root 5968 S sshd: root@notty
1486 root 1912 S sh -c /opt/libexec/sftp-server
1487 root 3088 S /opt/libexec/sftp-server
1494 ttyp0 root 1984 R ps
bash-3.2#
Umm, according to the log there are some problems with the configuration for vsftp. You may want to double check what the file file=/opt/etc/xinetd.d/vsf tpd has in it. It looks like it is not setup correctly. Before you update anything in the file though I would suggest you look at the date on it. See when it was last updated.
With that many errors I am surprised that port 21 is actually open. You may want to issue the netstat command with the option "-anpA inet" this will show you what programs have each port open.
I notices that there is a process called "sftp-server" running. I am assuming that this is a sftp (SSH ftp) server. Have you though about using sftp instead of ftp?
sftp is not real ftp, but it works close enough for most people and is considered much more secure that plain text ftp because SSH will encrypt everything.
With that many errors I am surprised that port 21 is actually open. You may want to issue the netstat command with the option "-anpA inet" this will show you what programs have each port open.
I notices that there is a process called "sftp-server" running. I am assuming that this is a sftp (SSH ftp) server. Have you though about using sftp instead of ftp?
sftp is not real ftp, but it works close enough for most people and is considered much more secure that plain text ftp because SSH will encrypt everything.
ASKER
...the file /opt/etc/xinetd.d/vsftpd contains (updated 28. Jan 2008):
service ftp
{
flags = REUSE
socket_type = stream
protocol = tcp
wait = no
user = root
server = /opt/sbin/vsftpd
server_args = /opt/etc/vsftpd.conf
}
...is there any IP missing?
+++
# bash
bash-3.2# /opt/bin/netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 2 NSLU2:telnet nx6325:1402 ESTABLISHED
tcp 0 0 NSLU2:www nx6325:1301 TIME_WAIT
tcp 0 0 NSLU2:www nx6325:1401 ESTABLISHED
tcp 0 0 NSLU2:www nx6325:1399 TIME_WAIT
tcp 0 0 NSLU2:www nx6325:1397 TIME_WAIT
tcp 0 0 NSLU2:www nx6325:1395 TIME_WAIT
tcp 0 0 NSLU2:www nx6325:1393 TIME_WAIT
tcp 0 0 NSLU2:ssh nx6325:1302 ESTABLISHED
tcp 0 0 NSLU2:9000 nx6325:1037 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 8 [ ] DGRAM 27 /var/tmp/log
unix 3 [ ] STREAM CONNECTED 22056
unix 3 [ ] STREAM CONNECTED 22055
unix 3 [ ] STREAM CONNECTED 22054
unix 3 [ ] STREAM CONNECTED 22053
unix 2 [ ] DGRAM 1875
unix 2 [ ] DGRAM 1781
unix 2 [ ] DGRAM 1589
unix 2 [ ] DGRAM 1502
unix 2 [ ] DGRAM 1081
unix 2 [ ] DGRAM 626
bash-3.2# /opt/bin/netstat -anpA inet
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 192.168.178.99:9000 0.0.0.0:* LISTEN
543/twonkymediaserv
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN
543/twonkymediaserv
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN
529/rsync
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
379/smbd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
355/thttpd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
1603/inetd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
509/sshd
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
502/xinetd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
379/smbd
tcp 0 0 192.168.178.99:9000 192.168.178.20:2817 TIME_WAIT
-
tcp 0 668 192.168.178.99:23 192.168.178.24:1402 ESTABLISHED
1604/telnetd
tcp 0 0 192.168.178.99:80 192.168.178.24:1401 ESTABLISHED
1587/thttpd
tcp 0 0 192.168.178.99:22 192.168.178.24:1302 ESTABLISHED
1570/sshd: root@not
tcp 0 0 192.168.178.99:9000 192.168.178.24:1037 ESTABLISHED
543/twonkymediaserv
udp 0 0 192.168.178.99:137 0.0.0.0:*
381/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:*
381/nmbd
udp 0 0 192.168.178.99:138 0.0.0.0:*
381/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:*
381/nmbd
udp 0 0 0.0.0.0:915 0.0.0.0:*
409/QuickSet
udp 0 0 0.0.0.0:917 0.0.0.0:*
418/USB_Detect
udp 0 0 0.0.0.0:918 0.0.0.0:*
422/onetouch_detect
udp 0 0 192.168.178.99:1900 0.0.0.0:*
543/twonkymediaserv
udp 0 0 239.255.255.250:1900 0.0.0.0:*
543/twonkymediaserv
udp 0 0 192.168.178.99:9080 0.0.0.0:*
543/twonkymediaserv
bash-3.2#
+++
Yes, SFTP would be better. I need simple FTP for my Axis netcam.
service ftp
{
flags = REUSE
socket_type = stream
protocol = tcp
wait = no
user = root
server = /opt/sbin/vsftpd
server_args = /opt/etc/vsftpd.conf
}
...is there any IP missing?
+++
# bash
bash-3.2# /opt/bin/netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 2 NSLU2:telnet nx6325:1402 ESTABLISHED
tcp 0 0 NSLU2:www nx6325:1301 TIME_WAIT
tcp 0 0 NSLU2:www nx6325:1401 ESTABLISHED
tcp 0 0 NSLU2:www nx6325:1399 TIME_WAIT
tcp 0 0 NSLU2:www nx6325:1397 TIME_WAIT
tcp 0 0 NSLU2:www nx6325:1395 TIME_WAIT
tcp 0 0 NSLU2:www nx6325:1393 TIME_WAIT
tcp 0 0 NSLU2:ssh nx6325:1302 ESTABLISHED
tcp 0 0 NSLU2:9000 nx6325:1037 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 8 [ ] DGRAM 27 /var/tmp/log
unix 3 [ ] STREAM CONNECTED 22056
unix 3 [ ] STREAM CONNECTED 22055
unix 3 [ ] STREAM CONNECTED 22054
unix 3 [ ] STREAM CONNECTED 22053
unix 2 [ ] DGRAM 1875
unix 2 [ ] DGRAM 1781
unix 2 [ ] DGRAM 1589
unix 2 [ ] DGRAM 1502
unix 2 [ ] DGRAM 1081
unix 2 [ ] DGRAM 626
bash-3.2# /opt/bin/netstat -anpA inet
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 192.168.178.99:9000 0.0.0.0:* LISTEN
543/twonkymediaserv
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN
543/twonkymediaserv
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN
529/rsync
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
379/smbd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
355/thttpd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
1603/inetd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
509/sshd
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
502/xinetd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
379/smbd
tcp 0 0 192.168.178.99:9000 192.168.178.20:2817 TIME_WAIT
-
tcp 0 668 192.168.178.99:23 192.168.178.24:1402 ESTABLISHED
1604/telnetd
tcp 0 0 192.168.178.99:80 192.168.178.24:1401 ESTABLISHED
1587/thttpd
tcp 0 0 192.168.178.99:22 192.168.178.24:1302 ESTABLISHED
1570/sshd: root@not
tcp 0 0 192.168.178.99:9000 192.168.178.24:1037 ESTABLISHED
543/twonkymediaserv
udp 0 0 192.168.178.99:137 0.0.0.0:*
381/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:*
381/nmbd
udp 0 0 192.168.178.99:138 0.0.0.0:*
381/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:*
381/nmbd
udp 0 0 0.0.0.0:915 0.0.0.0:*
409/QuickSet
udp 0 0 0.0.0.0:917 0.0.0.0:*
418/USB_Detect
udp 0 0 0.0.0.0:918 0.0.0.0:*
422/onetouch_detect
udp 0 0 192.168.178.99:1900 0.0.0.0:*
543/twonkymediaserv
udp 0 0 239.255.255.250:1900 0.0.0.0:*
543/twonkymediaserv
udp 0 0 192.168.178.99:9080 0.0.0.0:*
543/twonkymediaserv
bash-3.2#
+++
Yes, SFTP would be better. I need simple FTP for my Axis netcam.
ASKER
...and this is the output of a FileZilla connection, right now:
Status: Connecting to 192.168.178.99 ...
Status: Connected with 192.168.178.99. Waiting for welcome message...
Error: Timeout detected!
Error: Unable to connect!
Status: Connecting to 192.168.178.99 ...
Status: Connected with 192.168.178.99. Waiting for welcome message...
Error: Timeout detected!
Error: Unable to connect!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Many thanks for your help. I've been trying to resolve my problem through different 'expert' forums - YOU have been of great help, I could learn something and YOU FOUND A SOLUTION.
All the best from Germany, Rainer
All the best from Germany, Rainer
Thank you for the grade and I am glad to be of help. The best way to learn new things is to help others. That is why forums like this are wonderful. It helps the helper and the helpee both learn.
ASKER
Welcome to Unslung V2.3R63-uNSLUng-6.8-beta
BusyBox v0.60.4 (2005.03.22-06:52+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
# ftp nslu2
Connected to NSLU2.
+++
So there seems to be a successful connection to the NSLU2 box itself, but there is no authentication process. Port 21 seems to be blocked.