64Bit Fedora and Proftp
Edward. S. P. Leong
edwardspl at ita.org.mo
Sun Mar 7 04:26:49 UTC 2010
Dear you,
Mine is 64Bit Fedora 11....
/etc/xinetd.d/proftpd
service ftp
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/proftpd
log_on_success += DURATION USERID
log_on_failure += USERID
nice = 10
}
Firewall Setting ( iptables ) :
#!/bin/bash
# modprobe ip_tables
# modprobe ip_nat_ftp
# modprobe ip_conntrack
# modprobe ip_conntrack_ftp
iptables -F
iptables -X
iptables -F -t nat
iptables -X -t nat
iptables -F -t mangle
iptables -X -t mangle
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -P OUTPUT ACCEPT
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# ( FTP services ) :
iptables -A INPUT -i $ext_int -p tcp --dport 20 -d $ext_add -j ACCEPT
iptables -A INPUT -i $ext_int -p tcp --dport 21 -d $ext_add -j ACCEPT
/etc/proftpd.conf
ServerType inetd
DefaultServer on
UseReverseDNS off
IdentLookups off
Port 21
Umask 022
MaxInstances 30
MaxClients 50
User nobody
Group nobody
TimeoutIdle 1800
TimeoutStalled 1800
TimeoutNoTransfer 1800
TimeoutLogin 1800
TimesGMT off
AllowRetrieveRestart on
AllowOverwrite on
AllowStoreRestart on
<Directory /*>
AllowOverwrite on
<Limit LOGIN CWD MKD RMD RNFR RNTO DELE STOR RETR READ SITE_CHMOD>
# Order Deny,Allow
AllowUser xxxx
IgnoreHidden on
DenyAll
</Limit>
</Directory>
When upload around more than 10MB data to the ftp server, there is error
messages as the following :
STOR MySQL-client-5.1.44-1.glibc23.x86_64.rpm
150 Opening BINARY mode data connection for
MySQL-client-5.1.44-1.glibc23.x86_64.rpm
Transmitted 7359458 bytes in 155.5 secs, (464.13 Kbps), transfer succeeded
! Receive error: Blocking call cancelled
So, would you mind to help ?
Thanks !
Edward.
More information about the users
mailing list