ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

Can't upload files with FTP Active mode if CSF is enabled

https://mail.forum.configserver.com/viewtopic.php?t=13176

Page 1 of 1

Can't upload files with FTP Active mode if CSF is enabled

Posted: 01 Jul 2024, 23:12
by benitomdq
I have this problem, maybe you can help me. I am not able to upload files via FTP with CSF active. If I deactivate it I can upload without problems.

My FTP client is very old and has no options. It is part of custom software. It only connects without SSL and uploads files in ACTIVE mode. That's why I can't put it in PASSIVE mode, which surely works. I already have the range of ports open for passive mode.

Do you know if I should adjust something in CSF so that I can use FTP in ACTIVE mode?

Thank you so much

Re: Can't upload files with FTP Active mode if CSF is enabled

Posted: 03 Jul 2024, 23:47
by benitomdq
Hello!

I found that we are blocking our customer FTP but I don't know why.

Jul 3 19:33:16 rivendell kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=SERVER_IP DST=FTPCLIENT_IP LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=11004 DF PROTO=TCP SPT=20 DPT=60028 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
Jul 3 19:33:17 rivendell kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=SERVER_IP DST=FTPCLIENT_IP LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=11005 DF PROTO=TCP SPT=20 DPT=60028 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0

Port 20 IN and OUT is opened in CSF.

Re: Can't upload files with FTP Active mode if CSF is enabled

Posted: 05 Jul 2024, 00:24
by benitomdq
I fix this problem adding this to /etc/csf/csf.allow

tcp|out|s=20|s=SERVER_IP # active ftp port

Not sure if this will be insecure.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited