Linksys NSLU2 // FTP Port 21 disabled, FTP not possible

I've the NSLU2 box since 2 years and discovered some time ago, that FTP does not work anymore.
I scanned the box and this is the result of the port scan:

Scanning NSLU2 (192.168.178.99) [1714 ports]
Discovered open port 22/tcp on 192.168.178.99
Discovered open port 80/tcp on 192.168.178.99
Discovered open port 23/tcp on 192.168.178.99
Discovered open port 445/tcp on 192.168.178.99
Discovered open port 873/tcp on 192.168.178.99
Discovered open port 139/tcp on 192.168.178.99

1. Port 21 does not appear?
2. Tried active + passive mode access, does not work
3. Firewall rules were set to port 21
4. all network devices within LAN are in subnet 192.168.178

Is there a way to re-install FTP on NSLU2 as it was at the beginning?
go4javaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

go4javaAuthor Commented:
I connected to NSLU2 with Telnet and started ftp <name_of_nslu2>, the result as follows:

Welcome to Unslung V2.3R63-uNSLUng-6.8-beta
BusyBox v0.60.4 (2005.03.22-06:52+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

# ftp nslu2
Connected to NSLU2.

+++

So there seems to be a successful connection to the NSLU2 box itself, but there is no authentication process. Port 21 seems to be blocked.

0
giltjrCommented:
If you can telnet to the box, check to make sure that ftp is up and running.  It looks like it is based on the fact that you could connect to it from itself.

If it is up and running, then a firewall somewhere is blocking port 21.  Uninstalling and re-installing ftp will not fix this.

You need to look at the firewall settings.  What OS is this?
0
go4javaAuthor Commented:
All firewalls (except the Gateway) are down.
All components within LAN.
It's a stripped Mini-Linux OS 2.x.
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

giltjrCommented:
Telnet to the box and issue the command:

     netstat -anA inet

This should show all the open ip sockets for IPV4 addresses.  Look to verify that there is on listening on port 21 and what IP address it is listening on.  
0
go4javaAuthor Commented:
...that's what I got:


NSLU2 login: root
Password:

Welcome to Unslung V2.3R63-uNSLUng-6.8-beta

   ---------- NOTE: THIS SYSTEM IS CURRENTLY UNSLUNG ----------


BusyBox v0.60.4 (2005.03.22-06:52+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

# bash
bash-3.2# netstat -anA inet
bash: netstat: command not found
bash-3.2#
0
giltjrCommented:
O.K. it seems that this a really stripped down.  So I am not sure what command are available or not.  Basically you need to figure out if the ftp server is running and what IP address and port it is listening on.  Generally the netstat command would provide that.

netstat may be there, it just may not be in the default path.  You may want to try looking for it in some of the "obvious" places:

   /bin
   /sbin
   /usr/bin
   /usr/sbin

if NSLU2 has the find command you could try looking for it by entering:

    find / -name netstat

You could try and look at the ftp servers configuration, but not knowing which ftp server your running with I have no clue which file to look at.
0
go4javaAuthor Commented:
...there are some commands available, under /opt/bin.
But not sure whether these are executables, I get the same error as above.
Are these links to other places? => Screenshot
ScreenShot-002.jpg
0
giltjrCommented:
Based on what little I can see netstsat is symbolically linked to /opt/bin/net-tools-netstat.

If net-tools-netstat is the same as netstat, then you should be able to enter:


     /opt/bin/net-tools-netstat -anA inet

and get back a list of what ports are open.  You want to look for port 21.
0
go4javaAuthor Commented:
...the output:

# bash
bash-3.2# cd /opt/bin
bash-3.2# ls nets*
netstat
bash-3.2# /opt/bin/net-tools-netstat -anA inet
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.178.99:9000     0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:873             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
tcp        0    138 192.168.178.99:23       192.168.178.24:1605     ESTABLISHED
tcp        0      0 192.168.178.99:139      192.168.178.24:1564     ESTABLISHED
tcp        0      0 192.168.178.99:9000     192.168.178.24:1039     ESTABLISHED
udp        0      0 192.168.178.99:137      0.0.0.0:*
udp        0      0 0.0.0.0:137             0.0.0.0:*
udp        0      0 192.168.178.99:138      0.0.0.0:*
udp        0      0 0.0.0.0:138             0.0.0.0:*
udp        0      0 0.0.0.0:915             0.0.0.0:*
udp        0      0 0.0.0.0:917             0.0.0.0:*
udp        0      0 0.0.0.0:918             0.0.0.0:*
udp        0      0 127.0.0.1:1078          0.0.0.0:*
udp        0      0 192.168.178.99:1900     0.0.0.0:*
udp        0      0 239.255.255.250:1900    0.0.0.0:*
udp        0      0 192.168.178.99:9080     0.0.0.0:*
bash-3.2#
0
giltjrCommented:
O.K.  There is something listening on port 21 and it is safe to assume it is ftp.  Do you no if NSLU2 has iptables installed and configured?

You can try issuing the command:

      iptables -L

If that does not work, then try using the find command to see if iptables exists.
0
go4javaAuthor Commented:
iptables unfortunately is not installed with Unslung and from what I read it's not easy to install/configure:

http://www.nslu2-linux.org/wiki/HowTo/EnableFirewall

...besides possible implications to a running system ;-)

Any other way to find out what you need?
0
giltjrCommented:
O.K.  You stated that you had a firewall.  Where is the firewall?  On your computer or is it on some device inbetween your computer and the NSLU2 box?
0
go4javaAuthor Commented:
...the firewall is on my router (AVM Fritz box 7170, the most common router here in Germany).

This firewall only blocks traffic from the outside (Internet).
This router also works as 4-port-switch, modem, VoIP etc.
The firewall rules / port forwarding - but actually not used by my LAN - are set:
port 21 (FTP) -> NSLU2
port 80 (http) -> Network Camera

No firewall on my PC or the NSLU2.

I fear the FTP service of my NSLU2 is somehow corrupt...
0
giltjrCommented:
I am assuming that you have "stopped and restarted" the NSLU2 box.  Assuming NSLU2 has logs (normally in /var/log/messages) are there any error messages  in the log file?

Have you checked the ftp server configuration?  Have you stopped and restarted just the ftp server?  Sometimes ftp is controlled by a process called inetd.  You may want to verify the inetd configuartion.

0
go4javaAuthor Commented:
...the file /var/log/messages contains:

<78>Feb  5 03:02:59 cron[435]: loading crontab file /etc/crontab
<44>Feb  5 03:04:44 klogd: EXT3-fs warning: maximal mount count reached, running e2fsck is recommended
<46>Feb  5 03:04:44 klogd: EXT3 FS 2.4-0.9.19, 19 August 2002 on sd(8,17), internal journal
<78>Feb  5 03:05:09 /opt/sbin/cron[495]: (CRON) STARTUP (V5.0)
<31>Feb  5 03:05:10 xinetd[502]: Reading included configuration file: /opt/etc/xinetd.d/telnetd [file=/opt/etc/xinetd.conf] [line=15]
<31>Feb  5 03:05:10 xinetd[502]: Reading included configuration file: /opt/etc/xinetd.d/vsftpd [file=/opt/etc/xinetd.d/vsftpd] [line=15]
<28>Feb  5 03:05:10 xinetd[502]: Bad service flag: REUSE^M [file=/opt/etc/xinetd.d/vsftpd] [line=3]
<27>Feb  5 03:05:10 xinetd[502]: Error parsing attribute flags - DISABLING SERVICE [file=/opt/etc/xinetd.d/vsftpd] [line=3]
<27>Feb  5 03:05:10 xinetd[502]: Bad socket type: stream^M [file=/opt/etc/xinetd.d/vsftpd] [line=4]
<27>Feb  5 03:05:10 xinetd[502]: Error parsing attribute socket_type - DISABLING SERVICE [file=/opt/etc/xinetd.d/vsftpd] [line=4]
<27>Feb  5 03:05:10 xinetd[502]: Protocol tcp^M not in /etc/protocols [file=/opt/etc/xinetd.d/vsftpd] [line=5]
<27>Feb  5 03:05:10 xinetd[502]: Error parsing attribute protocol - DISABLING SERVICE [file=/opt/etc/xinetd.d/vsftpd] [line=5]
<27>Feb  5 03:05:10 xinetd[502]: Bad value for wait: no^M [file=/opt/etc/xinetd.d/vsftpd] [line=6]
<27>Feb  5 03:05:10 xinetd[502]: Error parsing attribute wait - DISABLING SERVICE [file=/opt/etc/xinetd.d/vsftpd] [line=6]
<27>Feb  5 03:05:10 xinetd[502]: Unknown user: root^M [file=/opt/etc/xinetd.d/vsftpd] [line=7]
<27>Feb  5 03:05:10 xinetd[502]: Error parsing attribute user - DISABLING SERVICE [file=/opt/etc/xinetd.d/vsftpd] [line=7]
<27>Feb  5 03:05:10 xinetd[502]: Server /opt/sbin/vsftpd^M is not executable [file=/opt/etc/xinetd.d/vsftpd] [line=8]
<27>Feb  5 03:05:10 xinetd[502]: Error parsing attribute server - DISABLING SERVICE [file=/opt/etc/xinetd.d/vsftpd] [line=8]
<31>Feb  5 03:05:10 xinetd[502]: removing ftp^M
<29>Feb  5 03:05:10 xinetd[502]: xinetd Version 2.3.14 started with no options compiled in.
<29>Feb  5 03:05:10 xinetd[502]: Started working: 1 available service
<38>Feb  5 03:05:10 sshd[509]: Server listening on 0.0.0.0 port 22.
<38>Feb  5 03:05:11 saslauthd[522]: detach_tty      : master pid is: 522
<38>Feb  5 03:05:11 saslauthd[522]: ipc_init        : listening on socket: /opt/var/state/saslauthd/mux
<158>Feb  5 03:05:13 rsyncd[529]: rsyncd version 2.6.9 starting, listening on port 873  

...and these are the currently running processes:

# bash
bash-3.2# ps
  PID TTY     Uid        Size State Command
    1         root       1212   S   /bin/init
    2         root          0   S   [keventd]
    3         root          0   R   [ksoftirqd_CPU0]
    4         root          0   S   [kswapd]
    5         root          0   S   [bdflush]
    6         root          0   S   [kupdated]
    7         root          0   S   [mtdblockd]
    8         root          0   S   [khubd]
    9         root          0   S   [jffs2_gcd_mtd4]
   10         root          0   S   [usb-storage-0]
   11         root          0   S   [scsi_eh_1]
   16         root          0   S   [sd-mc-thread]
   19         root          0   S   [usb-storage-1]
   20         root          0   S   [scsi_eh_0]
   29         root          0   S   [kjournald]
   52         root          0   D   [ixp425_csr]
   53         root          0   S   [ixp425 ixp0]
   56 ttyS0   root       1916   S   /bin/sh
   57         root       1936   S   /sbin/syslogd -n
   58         root       1924   S   /sbin/klogd -n
  154         root          0   S   [kjournald]
  159         root          0   S   [kjournald]
  355         root       2144   S   /usr/sbin/thttpd -C /etc/thttpd.conf
  379         root       6160   S   /usr/sbin/smbd -D
  381         root       4812   S   /usr/sbin/nmbd -D
  401         root       6160   S   /usr/sbin/smbd -D
  409         root       1952   S   /usr/sbin/QuickSet
  413         root       1904   S   /usr/sbin/USB_Detect
  418         root       1900   S   /usr/sbin/USB_Detect
  421         root       1884   S   /usr/sbin/onetouch_detect
  422         root       1884   S   /usr/sbin/onetouch_detect
  435         root       1296   S   /usr/sbin/crond
  442         root       1928   S   /usr/sbin/CheckResetButton
  444         root       1196   S   /usr/sbin/CheckPowerButton
  448         root       1196   S   /usr/sbin/do_umount
  495         root       1320   S   /opt/sbin/cron
  502         root       2280   S   /opt/sbin/xinetd
  509         root       3204   S   /opt/sbin/sshd
  522         root       1552   S   /opt/sbin/saslauthd -a getpwent -n 1
  529         root       1556   S   /opt/bin/rsync --daemon
  542         root       1312   S   /share/hdd/data/twonkyvision/twonkymedia
  543         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
  544         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
  545         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
  546         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
  547         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
  548         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
  549         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
  551         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
  793         root      16668   S   /share/hdd/data/twonkyvision/twonkymediaser
 1460         root       2144   S   /usr/sbin/thttpd -C /etc/thttpd.conf
 1476         root       1288   R   /bin/inetd
 1477         root       1256   R   telnetd
 1478 ttyp0   root       1928   S   -sh
 1483 ttyp0   root       2148   S   bash
 1484         root       5968   S   sshd: root@notty
 1486         root       1912   S   sh -c /opt/libexec/sftp-server
 1487         root       3088   S   /opt/libexec/sftp-server
 1494 ttyp0   root       1984   R   ps
bash-3.2#
0
giltjrCommented:
Umm,  according to the log there are some problems with the configuration for vsftp.  You may want to double check what the file file=/opt/etc/xinetd.d/vsftpd has in it.  It looks like it is not setup correctly.  Before you update anything in the file though I would suggest you look at the date on it.  See when it was last updated.

With that many errors I am surprised that port 21 is actually open.  You may want to issue the netstat command with the option "-anpA inet" this will show you what programs have each port open.

I notices that there is a process called "sftp-server" running.  I am assuming that this is a sftp (SSH ftp) server.  Have you though about using sftp instead of ftp?

sftp is not real ftp, but it works close enough for most people and is considered much more secure that plain text ftp because SSH will encrypt everything.
0
go4javaAuthor Commented:
...the file /opt/etc/xinetd.d/vsftpd contains (updated 28. Jan 2008):

service ftp
        {
        flags       = REUSE
        socket_type = stream
        protocol    = tcp
        wait        = no
        user        = root
        server      = /opt/sbin/vsftpd
        server_args = /opt/etc/vsftpd.conf
        }

...is there any IP missing?

+++

# bash
bash-3.2# /opt/bin/netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      2 NSLU2:telnet            nx6325:1402             ESTABLISHED
tcp        0      0 NSLU2:www               nx6325:1301             TIME_WAIT
tcp        0      0 NSLU2:www               nx6325:1401             ESTABLISHED
tcp        0      0 NSLU2:www               nx6325:1399             TIME_WAIT
tcp        0      0 NSLU2:www               nx6325:1397             TIME_WAIT
tcp        0      0 NSLU2:www               nx6325:1395             TIME_WAIT
tcp        0      0 NSLU2:www               nx6325:1393             TIME_WAIT
tcp        0      0 NSLU2:ssh               nx6325:1302             ESTABLISHED
tcp        0      0 NSLU2:9000              nx6325:1037             ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  8      [ ]         DGRAM                    27     /var/tmp/log
unix  3      [ ]         STREAM     CONNECTED     22056
unix  3      [ ]         STREAM     CONNECTED     22055
unix  3      [ ]         STREAM     CONNECTED     22054
unix  3      [ ]         STREAM     CONNECTED     22053
unix  2      [ ]         DGRAM                    1875
unix  2      [ ]         DGRAM                    1781
unix  2      [ ]         DGRAM                    1589
unix  2      [ ]         DGRAM                    1502
unix  2      [ ]         DGRAM                    1081
unix  2      [ ]         DGRAM                    626
bash-3.2# /opt/bin/netstat -anpA inet
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
PID/Program name
tcp        0      0 192.168.178.99:9000     0.0.0.0:*               LISTEN
543/twonkymediaserv
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN
543/twonkymediaserv
tcp        0      0 0.0.0.0:873             0.0.0.0:*               LISTEN
529/rsync
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
379/smbd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
355/thttpd
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
1603/inetd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
509/sshd
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
502/xinetd
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
379/smbd
tcp        0      0 192.168.178.99:9000     192.168.178.20:2817     TIME_WAIT
-
tcp        0    668 192.168.178.99:23       192.168.178.24:1402     ESTABLISHED
1604/telnetd
tcp        0      0 192.168.178.99:80       192.168.178.24:1401     ESTABLISHED
1587/thttpd
tcp        0      0 192.168.178.99:22       192.168.178.24:1302     ESTABLISHED
1570/sshd: root@not
tcp        0      0 192.168.178.99:9000     192.168.178.24:1037     ESTABLISHED
543/twonkymediaserv
udp        0      0 192.168.178.99:137      0.0.0.0:*
381/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*
381/nmbd
udp        0      0 192.168.178.99:138      0.0.0.0:*
381/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*
381/nmbd
udp        0      0 0.0.0.0:915             0.0.0.0:*
409/QuickSet
udp        0      0 0.0.0.0:917             0.0.0.0:*
418/USB_Detect
udp        0      0 0.0.0.0:918             0.0.0.0:*
422/onetouch_detect
udp        0      0 192.168.178.99:1900     0.0.0.0:*
543/twonkymediaserv
udp        0      0 239.255.255.250:1900    0.0.0.0:*
543/twonkymediaserv
udp        0      0 192.168.178.99:9080     0.0.0.0:*
543/twonkymediaserv
bash-3.2#

+++

Yes, SFTP would be better. I need simple FTP for my Axis netcam.

0
go4javaAuthor Commented:
...and this is the output of a FileZilla connection, right now:

Status:      Connecting to 192.168.178.99 ...
Status:      Connected with 192.168.178.99. Waiting for welcome message...
Error:      Timeout detected!
Error:      Unable to connect!
0
giltjrCommented:
Did you do anything on Jan 28, 2008?  The vsftpd file that contains the parameters for xinetd seem to be fine, at least based on the most recent level of xinetd.

Umm, one thing is that in the error log the lines with errors all show a ^M, which is the text representation of a carriage return.  It is almost as if somebody edited this file on a Windows box, ftp'ed it back the the NSLU2 box as "binary" which means the Windows EOR of CRLF was left in tact and *nix based os expect EOR of LF.

I would suggest that you copy the vsftpd file to a backup file (say vsftpd.bkup) and then see if NSLU2 has the utility dos2unix and issue the command (while in the /etc/xinetd.d/ directory):

     dos2unix vsftpd.bkup vsftpd

Then restart xinetd and see what happens.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
go4javaAuthor Commented:
Many thanks for your help. I've been trying to resolve my problem through different 'expert' forums - YOU have been of great help, I could learn something and YOU FOUND A SOLUTION.
All the best from Germany, Rainer
0
giltjrCommented:
Thank you for the grade and I am glad to be of help.  The best way to learn new things is to help others.  That is why forums like this are wonderful.  It helps the helper and the helpee both learn.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
File Sharing Software

From novice to tech pro — start learning today.