CSF MLSD FTP

[TaylordKris21]

Hi guys, apologies if this is in the wrong section. But I've ran out of options on what to do with this specific problem. I've done the research, and I can't seem figure out what it is. Other people keep getting the "MLSD" error on the FTP side. I can connect perfectly (probably because cPanel/Server recognizes im the admin IP (idk))

But the error they get is:

Response: 200 PORT command successful
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing

I've made the proper modifications to my firewall, but I can't seem to figure out what else there is to do. I've modified the TCP IN/OUT UDP IN/OUT etc.

Any ideas guys?

[sawbuck]

Assume you've configured for PASV mode by confirming that the PassivePortRange isn't commented out in /etc/pure-ftpd.conf and also those ports are included in the TCP_IN section of CSF?

[TaylordKris21]

Yes. I've did that, check this out:

screencloud[dot]net/v/mihF

I also allowed 21 on TCP IN & Out. I have the 21, 22, etc.. does it make a difference if I did 1234:40000 etc? rather than 21,22, 23?

[sawbuck]

Comma separated single ports are okay.

We are using a colon separated range in TCP_IN for PASV - So 20,21,"etc",30000:35000

Also you might want to include 20 if you are using 21.

[TaylordKris21]

Yep, this is what I have:

screencloud[dot]net/v/1htv

could it just be because my server is old? idk what else it could be.

[TaylordKris21]

YES IT WORKS.. THANK YOU.

I had 30000 350000 in the file, but for some reason it wasn't working. I then took that out and manually put in 21,20 etc ..

thanks again !

[sawbuck]

Glad to help.

[Saytik]

Hello.

I have the same problem after enabling of range 30000:35000.

csf configuration:

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,2626,81,30000:35000"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703,81"

in pure-ftpd uncommented the PASSV range

PassivePortRange 30000 50000

test of csf:

perl /etc/csf/csftest_pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...FAILED [Error: iptables: Unknown error 18446744073709551615] - Required for CONNLIMIT feature
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf will function on this server but some features will not work due to some missing iptables modules [1]

I have two Cpanl+csf VPSes on Openvz. One of VPSes returns "ok" during the Testing xt_connlimit. The Second VPS returns the following result:
Testing xt_connlimit...FAILED [Error: iptables: Unknown error 18446744073709551615]

I have tried to reboot VPS, but no luck. Is the problem in xt_connlimit ? How to fix ftp for my users ?

Thank you for any help

[Saytik]

FIXED :-)
by default in /etc/pure-ftpd.conf the port range 30000 50000.
I have changed 50000 to 35000 and now all is ok.