Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 16 Sep 2019, 05:17
All times are UTC - 4
 Forum index » House Training » Users ( For the regulars )
Need help with setting ftp server [Solved]
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [5 Posts]  
Author Message
Amfiarz

Joined: 08 Feb 2007
Posts: 67

PostPosted: Sat 07 Apr 2007, 13:24    Post subject:  Need help with setting ftp server [Solved]
Subject description: proftpd + gproftpd(gui)
 

Hi,

i need some more advanced help with configuring my ftp server. I try to use proftpd and GUI for it, and here's what i have:

Configuration:
Quote:
ServerType standalone
DefaultServer on
Umask 022
ServerName "0.0.0.0"
ServerIdent on "My FTPD"
ServerAdmin a@b
IdentLookups off
UseReverseDNS off
Port 21
PassivePorts 49152 65534
MasqueradeAddress (yes, it's my ip Very Happy )
TimesGMT off
MaxInstances 30
MaxLoginAttempts 20
TimeoutLogin 300
TimeoutNoTransfer 120
TimeoutIdle 120
DisplayLogin welcome.msg
DisplayFirstChdir .msg
User anonymous
Group nobody
DirFakeUser off nobody
DirFakeGroup off nobody
DefaultTransferMode binary
AllowForeignAddress off
AllowRetrieveRestart on
AllowStoreRestart on
DeleteAbortedStores off
TransferRate RETR 14
TransferRate STOR 0
TransferRate STOU 0
TransferRate APPE 0
SystemLog /var/log/secure
RequireValidShell off
#gp_random_username_length 6
#gp_random_password_length 6
#gp_randomize_case lower
#gp_useradd_homedir_path /var/ftp
#gp_useradd_upload_path /upload
#gp_html_path /var/www/html/ftp.htm
#gp_welcome_name welcome.msg
<IfModule mod_tls.c>
TLSEngine off
TLSRequired off
TLSVerifyClient off
TLSProtocol TLSv1
TLSLog /var/log/proftpd_tls.log
TLSRSACertificateFile /etc/gproftpd/gproftpd.pem
</IfModule>
<IfModule mod_ratio.c>
Ratios off
SaveRatios off
RatioFile "/restricted/proftpd_ratios"
RatioTempFile "/restricted/proftpd_ratios_temp"
CwdRatioMsg "Please upload first!"
FileRatioErrMsg "FileRatio limit exceeded, upload something first..."
ByteRatioErrMsg "ByteRatio limit exceeded, upload something first..."
LeechRatioMsg "Your ratio is unlimited."
</IfModule>
<Limit LOGIN>
AllowUser anonymous
DenyALL
</Limit>

<Anonymous /var/ftp>
User anonymous
Group anonymous
AnonRequirePassword off
MaxClients 20 "The server is full, hosting %m users"
DisplayLogin welcome.msg
DisplayFirstChdir .msg
<Limit LOGIN>
Allow from all
</Limit>
<Limit LIST NLST RETR PWD XPWD SIZE STAT CWD XCWD CDUP XCUP >
AllowAll
</Limit>
<Limit STOR STOU APPE RNFR RNTO DELE MKD XMKD SITE_MKDIR RMD XRMD SITE_RMDIR SITE SITE_CHMOD SITE_CHGRP MTDM >
DenyAll
</Limit>
</Anonymous>


Here's how it looks in gui:


At this moment i'm able to connect to ftp server at localhost and also in LAN. But i'm invisible from outside, and read somewhere, that i have to set ports forwarding in my router. Thanks to XXX (insert name of your God) it was quite easy:

My router configuration has some preconfigured rules, also for ftp server. Also i added ftp-server rule to ip-filtering to make my firewall not block connections (? is it good or i should not do it?) and saved setiings and restarted connection.

Anyway at this moment connections from outside are logged by ftp server. Unfortunately the only action is - user gets logged. He even does not receive a list of files to browse (which i put into /var/ftp).

The only idea i have is to replace ip address (the one which i type into "Configure NAT routing" field in GUI) with some other. I mean i type there my ip which i obtain for example when visiting http://www.ip-adress.com/ and maybe it should be some other ip? But on the other hand, now it almost works, including that my server sees people trying to connect from outside. It's only them, who's not seeing server Very Happy

Does anyone have some idea? Please help (and when we got all the solution, we could paste it into "howto" forum? Very Happy )

Edit1: of course user "anonymous" is set properly (or so i think, but logging from other computer in LAN is anonymous and work well).

Last edited by Amfiarz on Sun 08 Apr 2007, 10:14; edited 1 time in total
Back to top
View user's profile Send private message 
Bruce B

Joined: 18 May 2005
Posts: 11488
Location: The Peoples Republic of California

PostPosted: Sat 07 Apr 2007, 21:14    Post subject:  

We can start with dealing with the quirks. Presuming you downloaded the two dotpups which I downloaded (gproftp) and (proftpd)

Gproftp has a quirk in not saving some settings, I think the description of the quirks were included in the dotpup. But in order to know about them, you would have to read the docs.

This means that some of the .conf file must be filled out manually.

As I remember Gproftp, the setup program uses /etc/proftpd.conf for the configuration file,


But gproftpd, the binary, looks for /usr/local/etc/proftpd.conf

What I did was make a symlink /etc/proftpd.conf -> /usr/local/etc/proftpd.conf

Here is a working conf file, differences are I don't allow anonymous and I give XYZ full permissions. We are both, I think behind NAT routers, which not all FTP servers handle well, but proftpd does.
Code:

ServerType standalone
DefaultServer on
Umask 022
ServerName "0.0.0.0"
ServerIdent on "My FTPD"
ServerAdmin root@localhost
IdentLookups off
UseReverseDNS off
Port 21
PassivePorts 49152 65534
MasqueradeAddress 192.168.1.100
TimesGMT off
MaxInstances 30
MaxLoginAttempts 3
TimeoutLogin 300
TimeoutNoTransfer 120
TimeoutIdle 120
DisplayLogin welcome.msg
DisplayFirstChdir .message
User root
Group root
DirFakeUser off nobody
DirFakeGroup off nobody
DefaultTransferMode binary
AllowForeignAddress on
AllowRetrieveRestart on
AllowStoreRestart on
DeleteAbortedStores on
TransferRate RETR 100
TransferRate STOR 100
TransferRate STOU 100
TransferRate APPE 100
SystemLog /usr/local/var/log/secure
RequireValidShell off
#gp_random_username_length 6
#gp_random_password_length 6
#gp_randomize_case lower
#gp_useradd_homedir_path /var/ftp
#gp_useradd_upload_path /upload
#gp_html_path /var/www/html/ftp.htm
#gp_welcome_name welcome.msg
<IfModule mod_tls.c>
TLSEngine off
TLSRequired off
TLSVerifyClient off
TLSProtocol TLSv1
TLSLog /usr/local/var/log/proftpd_tls.log
TLSRSACertificateFile /etc/gproftpd/gproftpd.pem
</IfModule>
<Limit LOGIN>
  AllowUser XYZ
  DenyALL
</Limit>

<Anonymous /data/XYZ>
User XYZ
Group root
AnonRequirePassword on
MaxClients 5 "The server is full, hosting %m users"
DisplayLogin welcome.msg
DisplayFirstChdir .msg
<Limit LOGIN>
Allow from all
Deny from all
</Limit>
AllowOverwrite on
<Limit LIST NLST  STOR STOU  RETR  RNFR RNTO  DELE  MKD XMKD SITE_MKDIR  RMD XRMD SITE_RMDIR  SITE  MTDM  PWD XPWD  SIZE  STAT  CWD XCWD  CDUP XCUP >
 AllowAll
</Limit>
<Limit APPE  SITE_CHMOD  SITE_CHGRP >
 DenyAll
</Limit>
</Anonymous>



I also had to make an account for the user XYZ at the directory specified.

--------------

--------------

It looks like later I made an alias to run proftd which forces the use of the configuration file in /etc

alias ftpd='proftpd -c /etc/proftpd.conf -n'
Back to top
View user's profile Send private message 
Bruce B

Joined: 18 May 2005
Posts: 11488
Location: The Peoples Republic of California

PostPosted: Sat 07 Apr 2007, 21:52    Post subject:  

Also for the little I know about allowing anonymous users on my server, I think, you need to add a user called ftp, with no password, enter, enter for password.

After adding him, I'd open and edit /etc/passwd, find a line like the one below, and make sure the path points to where you actually are running the ftp service.

ftp:x:510:510:Linux User,,,:/home/ftp:/bin/sh

Check and see if it works. If so, then add a file to your path called nosh, replace it where :/bin/sh is as follows:

ftp:x:510:510:Linux User,,,:/home/ftp:/pathto/nosh

Make a file called nosh that looks like this

Code:
#!/bin/sh
echo Oh Oh


chmod nosh to correspond with /bin/sh as follows

# chmod 777 /pathto/nosh

Test and see if it works. If it doesn't work forget it, and put it back as it was. I've not actually tried it.
Back to top
View user's profile Send private message 
Amfiarz

Joined: 08 Feb 2007
Posts: 67

PostPosted: Sun 08 Apr 2007, 08:11    Post subject:  

Ok, we'll see. In fact, i have server and gui compiled on my own, not from the dotpets. Eh, these net probelms Very Happy I had problems with sylpheed, now with ftpserver and also i cannot connect to ftp with gftp Very Happy I think something very strange is with my router Very Happy

The user whom i use for anonymous ftp account is "anonymous" and i created him and gave null password. I've heard that many servers need user called "ftp", but in help for gproftpd i've read that here it's unnecessary. Anyway, will try this with "ftp" user Very Happy

Edit 1: Nothing. When you call to this server from outside of LAN, you are prompted to type user and password, and when you type ftp and enter, nothing happens. And server is still in "authenticating" stage. It looks like someting is blocking all transfer after appearing of "authenticating" window at the client's side. :/

Edit 2: I've connections with gftp back Very Happy It looks like i've had bad firewall settings. Ok, so now i can connect to ftp servers with ftp client, not only with opera. I checked my server with gftp (to have full log of connection) and here's what i have:

Quote:
Looking up localhost
Trying localhost:21
Connected to localhost:21
220 My FTPD
USER anonymous
331 Anonymous login ok, send your complete email address as your password.
PASS xxxx
230 Anonymous access granted, restrictions apply.
SYST
215 UNIX Type: L8
TYPE I
200 Type set to I
PWD
257 "/" is current directory.
Loading directory listing / from server (LC_TIME=C)
PASV
227 Entering Passive Mode (83,27,83,33,234,165).
Cannot create a data connection: Connection refused
Disconnecting from site localhost


I can see my ip in line "227 Entering Passive Mode (83,27,83,33,234,165).", so i guess it's beacuse of setting NAT. I (just for testing purposes) deactivated NAT management in proftpd server, and thus i could connect with ftp client.

It's strange, how does it work that opera manages with connecting to localhost anyway, and client - does not? (i assume that opera does some dirty tricks, it should not connect because when i've NAT setted in server and connections to localhost does not go thru router, the server should not establish connection, just like with this gftp).

Anyway, i'm still testing how does it look like from outside of my LAN.


Edit 3: SOLVED - but it's kind of strange. I'm sure, 100% sure that i do have NAT enabled in my router. I checked this Very Happy But the srever works fine when i disable NAT support (-> first screen in first post in this topic, "Configure NAT routing" i set to "Off"). Friend ~20 km away downloaded files Very Happy Maybe this GUI is a little buggy, as Bruce B said. Anyway, now it works and i'm satisfied.
Back to top
View user's profile Send private message 
Bruce B

Joined: 18 May 2005
Posts: 11488
Location: The Peoples Republic of California

PostPosted: Mon 09 Apr 2007, 02:07    Post subject:  

It was frustrating for me a first. The only thing I can say for both of us is - persistence pays

I was about to give up 'til I found proftpd (thanks Mark).

As for making user ftp, this is only what I've read, it maybe it doesn't apply to anonymous users, with proftpd

The thing I found important with specified users is file permissions. It seems Linux permissions take precedence over proftpd's settings.

Meaning to say: both Linux file permissions and owners have to correspond with what you want to do with proftpd.

Anyway, congratulations, hopefully our work will help blaze the trail for future Puppy FTP Servers Smile
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [5 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » Users ( For the regulars )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0652s ][ Queries: 11 (0.0238s) ][ GZIP on ]