[arch-mirrors] FTP strange problem
ftp://mirror.chmuri.net/archmirror/ ftp Poland 0.0% unknown ∞ Please tell me were is problem with ftp server? Firewall is off everything its ok and on the list its a problem within. -- Pozdrawiam Karol Chmurzyński
Hi Karol, On 5/15/2012 1:36 AM, Karol Chmurzyński wrote:
ftp://mirror.chmuri.net/archmirror/ ftp Poland 0.0% unknown ∞
Please tell me were is problem with ftp server? Firewall is off everything its ok and on the list its a problem within.
Your ftp server does not support passive mode: $ wget -S -T 10 ftp://mirror.chmuri.net/archmirror/lastsync --2012-05-15 03:51:35-- ftp://mirror.chmuri.net/archmirror/lastsync => `lastsync' Resolving mirror.chmuri.net... 188.116.52.91 Connecting to mirror.chmuri.net|188.116.52.91|:21... connected. Logging in as anonymous ... 220 FTP Server ready. --> USER anonymous 331 Anonymous login ok, send your complete email address as your password --> PASS Turtle Power! 230 Anonymous login ok, restrictions apply. --> SYST 215 UNIX Type: L8 --> PWD 257 "/" is the current directory --> TYPE I 200 Type set to I --> CWD /archmirror 250 CWD command successful --> SIZE lastsync 213 11 --> PASV Error in server response, closing control connection. Retrying. Meanwhile, PORT mode works fine. Regards, Mitry
2012/5/15 Mitry Matyushkov <ftp@mgts.by>:
Hi Karol,
On 5/15/2012 1:36 AM, Karol Chmurzyński wrote:
ftp://mirror.chmuri.net/archmirror/ ftp Poland 0.0% unknown ∞
Please tell me were is problem with ftp server? Firewall is off everything its ok and on the list its a problem within.
Your ftp server does not support passive mode:
$ wget -S -T 10 ftp://mirror.chmuri.net/archmirror/lastsync --2012-05-15 03:51:35-- ftp://mirror.chmuri.net/archmirror/lastsync => `lastsync' Resolving mirror.chmuri.net... 188.116.52.91 Connecting to mirror.chmuri.net|188.116.52.91|:21... connected. Logging in as anonymous ... 220 FTP Server ready. --> USER anonymous
331 Anonymous login ok, send your complete email address as your password --> PASS Turtle Power!
230 Anonymous login ok, restrictions apply. --> SYST
215 UNIX Type: L8 --> PWD
257 "/" is the current directory --> TYPE I
200 Type set to I --> CWD /archmirror
250 CWD command successful --> SIZE lastsync
213 11 --> PASV
Error in server response, closing control connection. Retrying.
Meanwhile, PORT mode works fine.
Regards, Mitry _______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors
http://wklej.to/vD71q password for lock is archmirror please look at config for my proftpd.conf -- Pozdrawiam Karol Chmurzyński
Hi Karol, Is your mirror host behind another box with firewall/nat? If this is the case please follow http://www.proftpd.org/docs/howto/NAT.html. Otherwise it looks like you filter port range you set in proftpd.conf PassivePorts 49152 65534 You have to allow connections to these ports. Mitry. On 5/15/2012 12:59 PM, Karol Chmurzyński wrote:
http://wklej.to/vD71q password for lock is archmirror please look at config for my proftpd.conf
Hi Karol,
Is your mirror host behind another box with firewall/nat? If this is the case please follow http://www.proftpd.org/docs/howto/NAT.html.
Otherwise it looks like you filter port range you set in proftpd.conf PassivePorts 49152 65534
You have to allow connections to these ports.
Mitry.
On 5/15/2012 12:59 PM, Karol Chmurzyński wrote:
http://wklej.to/vD71q password for lock is archmirror please look at config for my proftpd.conf
_______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors Its a xen wirtalization witch one single ip adress, and its not behind a NAT,firwall its off and i dont know what is the problem witch this. System is centos 6 , in the past it was on arch and there are no
2012/5/15 Mitry Matyushkov <ftp@mgts.by>: problem witch in. -- Pozdrawiam Karol Chmurzyński
Check that syslinux is not blocking something. Centos6 defaults syslinux 'on' in all cases I have seen. On May 15, 2012, at 13:26, "Karol Chmurzyński" <chmuri@gmail.com> wrote:
Hi Karol,
Is your mirror host behind another box with firewall/nat? If this is the case please follow http://www.proftpd.org/docs/howto/NAT.html.
Otherwise it looks like you filter port range you set in proftpd.conf PassivePorts 49152 65534
You have to allow connections to these ports.
Mitry.
On 5/15/2012 12:59 PM, Karol Chmurzyński wrote:
http://wklej.to/vD71q password for lock is archmirror please look at config for my proftpd.conf
_______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors Its a xen wirtalization witch one single ip adress, and its not behind a NAT,firwall its off and i dont know what is the problem witch this. System is centos 6 , in the past it was on arch and there are no
2012/5/15 Mitry Matyushkov <ftp@mgts.by>: problem witch in.
-- Pozdrawiam Karol Chmurzyński _______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors
2012/5/15 Andrew Holland <Andrew.holland@academica.fi>:
Check that syslinux is not blocking something. Centos6 defaults syslinux 'on' in all cases I have seen.
On May 15, 2012, at 13:26, "Karol Chmurzyński" <chmuri@gmail.com> wrote:
Hi Karol,
Is your mirror host behind another box with firewall/nat? If this is the case please follow http://www.proftpd.org/docs/howto/NAT.html.
Otherwise it looks like you filter port range you set in proftpd.conf PassivePorts 49152 65534
You have to allow connections to these ports.
Mitry.
On 5/15/2012 12:59 PM, Karol Chmurzyński wrote:
http://wklej.to/vD71q password for lock is archmirror please look at config for my proftpd.conf
_______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors Its a xen wirtalization witch one single ip adress, and its not behind a NAT,firwall its off and i dont know what is the problem witch this. System is centos 6 , in the past it was on arch and there are no
2012/5/15 Mitry Matyushkov <ftp@mgts.by>: problem witch in.
-- Pozdrawiam Karol Chmurzyński _______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors
arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors
Selinux is disabled. No NAT no firwall nothing just a pure proftpd config nothing else. -- Pozdrawiam Karol Chmurzyński
Ok - well, to debug further, I would suggest doing some tests on the server side (to find out if it's seeing packets to those ports) I'd test some ports via netcat - i.e. on the server: nc -l -p 49152 / on client machine: nc [ip of ftp server] 49152 If it can connect, and you can write/read on both sides, try other ports in that range (49152 to 65534.) If they are BLOCKED, you've got a firewall in the way (probably external to your xen domU.) I'd also look at the server logs and see if there's something there, just in case. It probably won't help much, but - my mirror is hosted on CentOS as well (not my decision) and we are using vsftpd. ________________________________________ From: arch-mirrors-bounces@archlinux.org [arch-mirrors-bounces@archlinux.org] on behalf of Karol Chmurzyński [chmuri@gmail.com] Sent: Tuesday, May 15, 2012 13:41 To: Arch Linux Mirroring Discussion and Announcements Subject: Re: [arch-mirrors] FTP strange problem [removed quoted stuff] Selinux is disabled. No NAT no firwall nothing just a pure proftpd config nothing else. -- Pozdrawiam Karol Chmurzyński _______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors
2012/5/15 Andrew Holland <Andrew.holland@academica.fi>:
Ok - well, to debug further, I would suggest doing some tests on the server side (to find out if it's seeing packets to those ports)
I'd test some ports via netcat - i.e. on the server: nc -l -p 49152 / on client machine: nc [ip of ftp server] 49152 If it can connect, and you can write/read on both sides, try other ports in that range (49152 to 65534.)
If they are BLOCKED, you've got a firewall in the way (probably external to your xen domU.)
I'd also look at the server logs and see if there's something there, just in case.
It probably won't help much, but - my mirror is hosted on CentOS as well (not my decision) and we are using vsftpd.
________________________________________ From: arch-mirrors-bounces@archlinux.org [arch-mirrors-bounces@archlinux.org] on behalf of Karol Chmurzyński [chmuri@gmail.com] Sent: Tuesday, May 15, 2012 13:41 To: Arch Linux Mirroring Discussion and Announcements Subject: Re: [arch-mirrors] FTP strange problem
[removed quoted stuff]
Selinux is disabled. No NAT no firwall nothing just a pure proftpd config nothing else.
-- Pozdrawiam Karol Chmurzyński _______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors _______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors
Ok i have changed to the vsftp that i have on arch in the past witch this simple config cat /etc/vsftpd/vsftpd.conf ftpd_banner=Welcome offical chmuri mirror. # Sample anonymous FTP server configuration # # Mandatory directives # listen=YES local_enable=NO anonymous_enable=YES write_enable=NO anon_root=/usr/mirror/ # # Optional directives # xferlog_enable=YES listen_port=21 -- Pozdrawiam Karol Chmurzyński
Karol, The same issue with vsftpd. Can you please show `ip addr' output? On 5/15/2012 2:52 PM, Karol Chmurzyński wrote:
Ok i have changed to the vsftp that i have on arch in the past witch this simple config cat /etc/vsftpd/vsftpd.conf ftpd_banner=Welcome offical chmuri mirror. # Sample anonymous FTP server configuration # # Mandatory directives # listen=YES local_enable=NO anonymous_enable=YES write_enable=NO anon_root=/usr/mirror/ # # Optional directives # xferlog_enable=YES listen_port=21
2012/5/15 Mitry Matyushkov <ftp@mgts.by>:
Karol,
The same issue with vsftpd. Can you please show `ip addr' output?
On 5/15/2012 2:52 PM, Karol Chmurzyński wrote:
Ok i have changed to the vsftp that i have on arch in the past witch this simple config cat /etc/vsftpd/vsftpd.conf ftpd_banner=Welcome offical chmuri mirror. # Sample anonymous FTP server configuration # # Mandatory directives # listen=YES local_enable=NO anonymous_enable=YES write_enable=NO anon_root=/usr/mirror/ # # Optional directives # xferlog_enable=YES listen_port=21
_______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:16:3e:9c:de:40 brd ff:ff:ff:ff:ff:ff inet 188.116.52.91/24 brd 188.116.52.255 scope global eth0 inet6 fe80::216:3eff:fe9c:de40/64 scope link valid_lft forever preferred_lft forever
-- Pozdrawiam Karol Chmurzyński
Hi, This issue is very similar to https://bugzilla.redhat.com/show_bug.cgi?id=642388 Regards, Mitry On 5/15/2012 7:32 PM, Karol Chmurzyński wrote:
ip addr 1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:16:3e:9c:de:40 brd ff:ff:ff:ff:ff:ff inet 188.116.52.91/24 brd 188.116.52.255 scope global eth0 inet6 fe80::216:3eff:fe9c:de40/64 scope link valid_lft forever preferred_lft forever
2012/5/15 Mitry Matyushkov <ftp@mgts.by>:
Hi,
This issue is very similar to https://bugzilla.redhat.com/show_bug.cgi?id=642388
Regards, Mitry
On 5/15/2012 7:32 PM, Karol Chmurzyński wrote:
ip addr 1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:16:3e:9c:de:40 brd ff:ff:ff:ff:ff:ff inet 188.116.52.91/24 brd 188.116.52.255 scope global eth0 inet6 fe80::216:3eff:fe9c:de40/64 scope link valid_lft forever preferred_lft forever
_______________________________________________ arch-mirrors mailing list arch-mirrors@archlinux.org http://mailman.archlinux.org/mailman/listinfo/arch-mirrors
Ok ive changed system to debian 6 x64 added one more IP 188.116.56.222 and the problem is the same. ( iptables are flushed) -- Pozdrawiam Karol Chmurzyński
participants (3)
-
Andrew Holland
-
Karol Chmurzyński
-
Mitry Matyushkov