FTP connecting but not fully???

[pce]

Hi there,

I know the title is a little strange but what is happening to my setup is also a little strange.

Previously I had been FreeNAS 8.0.4 and had FTP working fine, all files could be accessed via our internal and also external network. Just recently (2 weeks ago) I upgraded to version 8.3 and it has only just come to my attention that FTP no longer works. Using the windows mapped FTP link I get the error "Could not connect to server please ensure you have permission.......". When i try to access the FTP share via a FTP client program I see that the program can see the FTP share, can log on (I even get my FTP welcome message) but the contents of the FTP share never load and eventually the connection times out.

Has anyone else experienced this with their upgrade? Does anyone have any suggestions on how to solve this? I know it is not a port forwarding issue as i cannot access the FTP share from my internal network either.

Thank in advance :)

 

[pce]

Bump bump bump :)

 

[cyberjock]

Sounds to me like a permissions issue.

 

[pce]

Sounds to me like a permissions issue.

Yeah I originally thought so, but these permissions haven't changed since getting the set up to originally working. When I use FileZilla the connection times out after the client send the MLSD command - this led me to think that it might be a router configuration problem. But that doesn't explain why I can't access the server on the office internal network.

 

[cyberjock]

I assume you've googled MLSD and found stuff like...http://www.alvincheong.com/2010/08/ftp-server-hangs-at-mlsd-command-when-accessing-with-filezilla/

 

[pce]

I found this article - could not find equivalent conf file. Any suggestions?

 

[pce]

Ok so I think there's a problem with my freenas database file. I was looking through my proftpd.conf file and discovered that permission weren't set as they were displayed in the FTP web gui. I tried editting the conf file to no avail. Everytime I editted and saved my changes, the permissions would revert back to what i dont want them to be. I found a post

http://forums.freenas.org/archive/index.php/t-435.html

and made the change to the freenas database like in the link above but with appropriate permissions. Now my proftpd.conf file displays the correct permissions, but i still cannot access my FTP share. Could you please take a look at my conf file and suggest other problem sources?

proftpd.conf -----> (We have the masquerade IP set correctly, I just removed it)

ServerName "PCENAS.local FTP Server"
ServerType standalone
DefaultServer on
#Default Address PCENAS.local
UseIPv6 on
Port 21
User nobody
Group nogroup
Umask 666 777
SyslogFacility ftp
MultilineRFC2228 off
DisplayLogin /var/run/proftpd/proftpd.motd
DeferWelcome off
TimeoutIdle 600
TimeoutLogin 300
TimeoutNoTransfer 300
TimeoutStalled 3600
MaxInstances none
MaxClients 20
MaxConnectionsPerHost 20
MaxLoginAttempts 5
DefaultTransferMode ascii
AllowForeignAddress off
MasqueradeAddress
IdentLookups off
UseReverseDNS off
PassivePorts 30000 35000

<Limit LOGIN>
AllowAll
</Limit>

<Global>
RequireValidShell off
# DefaultRoot ~ !wheel
# RootLogin on
AllowOverwrite on
# AllowRetrieveRestart on
# AllowStoreRestart on
DeleteAbortedStores off


TimesGMT off
</Global>
<IfModule mod_ban.c>
BanEngine off
BanControlsACLs all allow group wheel
BanLog /var/log/proftpd/ban.log
BanMessage Host %a has been banned
# -m "mod_ban/rule"
# -v "concat(' BanOnEvent ',event,' ',occurrence,'/',timeinterval,' ',expire)" -n
# -b
BanTable /var/run/proftpd/ban.tab
</IfModule>


<IfModule mod_delay.c>
DelayEngine on
DelayTable "/var/run/proftpd/proftpd.delay"
</IfModule>

<IfModule mod_wrap.c>
TCPAccessFiles /etc/hosts.allow /etc/hosts.allow
TCPAccessSyslogLevels info warn
TCPServiceName ftpd
</ifModule>

 

[pce]

bump bump - I have some new information so hopefully someone could point out a problem :))))))

This is the output of testing from ftptest.net



Status: Resolving address of ***.xx.xx.xx
Status: Connecting to ***.xx.xx.xx
Status: Connected, waiting for welcome message
Reply: 220 ProFTPD 1.3.4a Server (PCENAS.local FTP Server) [***.xx.xx.xx]
Command: CLNT http://ftptest.net on behalf of ***.xx.xx.xx
Reply: 500 CLNT not understood
Command: USER PatI
Reply: 331 Password required for PatI
Command: PASS *********
Reply: 230-----Welcome to PCE Remote Access----
Reply: 230 User PatI logged in
Command: SYST
Reply: 215 UNIX Type: L8
Command: FEAT
Reply: 211-Features:
Reply: LANG ja-JP.UTF-8;ja-JP;zh-CN.UTF-8;zh-CN;ru-RU.UTF-8;ru-RU;zh-TW.UTF-8;zh-TW;bg-BG.UTF-8;bg-BG;it-IT.UTF-8;it-IT;ko-KR.UTF-8;ko-KR;en-US.UTF-8;en-US*;fr-FR.UTF-8;fr-FR
Reply: MDTM
Reply: MFMT
Reply: TVFS
Reply: UTF8
Reply: MFF modify;UNIX.group;UNIX.mode;
Reply: MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
Reply: REST STREAM
Reply: SIZE
Reply: 211 End
Command: PWD
Reply: 257 "/mnt/PCE_RAID_POOL" is the current directory
Status: Current path is /mnt/PCE_RAID_POOL
Command: TYPE I
Reply: 200 Type set to I
Command: PASV
Reply: 227 Entering Passive Mode (***,xx,xx,xx,234,104).
Command: MLSD
Error: Could not establish data connection: Connection refused

The suggestion offered by the website were

• Make sure to enter the correct server address
• Ensure that the server is up and running.
• Check your firewall configuration, port 21 needs to be opened.
• Check your NAT router configuration, port 21 needs to be forwarded.
• In some cases your ISP might block that port. In this case configure the server to use a different port. Contact your ISP for details.

I have checked the router configuration and as suggested ports are open and forwarded (see attached config for a cisco router running IOS)

View attachment conf.txt

Can anyone please help me?