I have this problem, maybe you can help me. I am not able to upload files via FTP with CSF active. If I deactivate it I can upload without problems.
My FTP client is very old and has no options. It is part of custom software. It only connects without SSL and uploads files in ACTIVE mode. That's why I can't put it in PASSIVE mode, which surely works. I already have the range of ports open for passive mode.
Do you know if I should adjust something in CSF so that I can use FTP in ACTIVE mode?
Thank you so much
Can't upload files with FTP Active mode if CSF is enabled
Re: Can't upload files with FTP Active mode if CSF is enabled
Hello!
I found that we are blocking our customer FTP but I don't know why.
Jul 3 19:33:16 rivendell kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=SERVER_IP DST=FTPCLIENT_IP LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=11004 DF PROTO=TCP SPT=20 DPT=60028 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
Jul 3 19:33:17 rivendell kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=SERVER_IP DST=FTPCLIENT_IP LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=11005 DF PROTO=TCP SPT=20 DPT=60028 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
Port 20 IN and OUT is opened in CSF.
I found that we are blocking our customer FTP but I don't know why.
Jul 3 19:33:16 rivendell kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=SERVER_IP DST=FTPCLIENT_IP LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=11004 DF PROTO=TCP SPT=20 DPT=60028 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
Jul 3 19:33:17 rivendell kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=SERVER_IP DST=FTPCLIENT_IP LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=11005 DF PROTO=TCP SPT=20 DPT=60028 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
Port 20 IN and OUT is opened in CSF.
Re: Can't upload files with FTP Active mode if CSF is enabled
I fix this problem adding this to /etc/csf/csf.allow
tcp|out|s=20|s=SERVER_IP # active ftp port
Not sure if this will be insecure.
tcp|out|s=20|s=SERVER_IP # active ftp port
Not sure if this will be insecure.