• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Cannot get ProFTPD working

kiav

Basic Pleskian
Plesk 12.5.30 WEB Admin Edition on CentOS 6.1
FileZilla 3.14.1 as a client.
External (white) fixed IPv4.

I get an error:
Code:
02:10:39   Status:   Resolving address of example.com
02:10:39   Status:   Connecting to 1.2.3.4:21...
02:10:39   Status:   Connection established, waiting for welcome message...
02:10:39   Status:   Initializing TLS...
02:10:40   Status:   Verifying certificate...
02:10:40   Status:   TLS connection established.
02:10:40   Status:   Connected
02:10:40   Status:   Retrieving directory listing...
02:11:00   Command:   PWD
02:11:00   Response:   257 "/" is the current directory
02:11:00   Command:   TYPE I
02:11:00   Response:   200 Type set to I
02:11:00   Command:   PORT 192,168,10,2,209,84
02:11:00   Response:   200 PORT command successful
02:11:00   Command:   MLSD
02:11:00   Error:   Connection timed out after 20 seconds of inactivity
02:11:00   Error:   Failed to retrieve directory listing

I never saw a directory listing.

In /var/log/messages:
Code:
Oct 26 01:47:38 mybirds xinetd[1917]: START: ftp pid=5662 from=::ffff:31.135.228.80
Oct 26 01:47:38 mybirds proftpd[5662]: processing configuration directory '/etc/proftpd.d'
Oct 26 01:47:38 mybirds proftpd[5662]: 127.0.0.1 (31.135.228.80[31.135.228.80]) - mod_delay/0.7: unable to open DelayTable '/var/proftpd.delay': No such file or directory
Oct 26 01:47:38 mybirds proftpd[5662]: 127.0.0.1 (31.135.228.80[31.135.228.80]) - FTP session opened.


I already tried to set up passive ports in Global section of /etc/proftpd.conf as told in KB:
Code:
PassivePorts 57000 58000

Code:
# lsmod | grep ftp
nf_nat_ftp  3443  0
nf_nat  22676  1 nf_nat_ftp
nf_conntrack_ftp  11953  1 nf_nat_ftp
nf_conntrack  79206  6 nf_nat_ftp,nf_nat,nf_conntrack_ftp,nf_conntrack_ipv4,nf_conntrack_ipv6,xt_state


And manually added all ports into iptables:
Code:
# iptables -I INPUT 5 -m state --state NEW -p tcp --dport 57000:58000 -j ACCEPT
# iptables -I INPUT 5 -m state --state NEW -p tcp --dport 990 -j ACCEPT
# iptables -I INPUT 5 -m state --state NEW -p tcp --dport 20 -j ACCEPT
# iptables -I INPUT 5 -m state --state NEW -p tcp --dport 21 -j ACCEPT

# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target  prot opt source  destination
1  ACCEPT  all  --  anywhere  anywhere  state RELATED,ESTABLISHED
2  ACCEPT  icmp --  anywhere  anywhere
3  ACCEPT  all  --  anywhere  anywhere
4  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:ssh
5  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:ftp
6  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:ftp-data
7  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:ftps
8  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpts:57000:58000
9  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:http
10  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:https
11  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:pcsync-https
12  REJECT  all  --  anywhere  anywhere  reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num  target  prot opt source  destination
1  REJECT  all  --  anywhere  anywhere  reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target  prot opt source  destination


I even manualy reinstalled psa-proftpd.

What is the reason?
 
I found solution.

For sure I set passive ports acording admin guide (port range 49152:65534 and xinetd restart).
Then I forwarded port for active mode as told in FileZilla docs.

I guess that Active Mode is working for me.
 
Back
Top