Problem with ftp server
panagiotis takis_rs
takispadaz at hotmail.com
Sat Jan 10 21:11:25 EET 2009
1) ps -ef |grep vsftpd
τι δίνει;
root 6913 1 0 20:56 ? 00:00:00 /usr/sbin/vsftpd
takis 8611 8402 0 21:03 pts/0 00:00:00 grep vsftpd
2) netstat -atp |grep -i LISTEN
τι δίνει;
tcp 0 0 localhost:mysql *:* LISTEN 6331/mysqld
tcp 0 0 *:ftp *:* LISTEN 6913/vsftpd
tcp 0 0 localhost:ipp *:* LISTEN 6476/cupsd
tcp6 0 0 localhost:8005 [::]:* LISTEN 7410/java
tcp6 0 0 [::]:8009 [::]:* LISTEN 7410/java
tcp6 0 0 [::]:5900 [::]:* LISTEN 7979/vino-server
tcp6 0 0 [::]:http-alt [::]:* LISTEN 7410/java
3) κάνε attach το vsftpd.conf
listen=YES
max_clients=4
max_per_ip=1
ftpd_banner=Takis_rs, ftp server.
anonymous_enable=YES
anon_root=/home/takis/Desktop/
local_enable=YES
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
hide_ids=YES
ls_recurse_enable=NO
tcp_wrappers=YES
log_ftp_protocol=YES
dual_log_enable=YES
xferlog_enable=YES
idle_session_timeout=60
data_connection_timeout=300
accept_timeout=60
connect_timeout=60
dirmessage_enable=YES
background=YES
pasv_min_port=50000
pasv_max_port=50003
anonymous_enable=YES
banner_file=/etc/WELCOME_BANNER
connect_from_port_20=YES
nopriv_user=ftpsecure
xferlog_enable=YES
4) iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- calchas.forthnet.gr anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- nsath.forthnet.gr anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 192.168.1.255
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Input'
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Forward'
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.1.4 calchas.forthnet.gr tcp dpt:domain
ACCEPT udp -- 192.168.1.4 nsath.forthnet.gr udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'
Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpts:ftp-data:ftp
ACCEPT udp -- anywhere anywhere udp dpts:20:fsp
ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt
ACCEPT udp -- anywhere anywhere udp dpt:http-alt
LSI all -- anywhere anywhere
Chain LOG_FILTER (5 references)
target prot opt source destination
Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere
Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
5) netstat -atp |grep -i xinet
ΤΙΠΟΤΑ
_________________________________________________________________
News, entertainment and everything you care about at Live.com. Get it now!
http://www.live.com/getstarted.aspx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hellug.gr/pipermail/linux-greek-users/attachments/20090110/6a0e23f6/attachment.htm>
More information about the Linux-greek-users
mailing list