Mailinglist Archive: opensuse (4288 mails)
Proftpd and NAT
- From: David List <david@xxxxxxxxxxxx>
- Date: Sat, 4 May 2002 13:06:23 +0200
- Message-id: <200205041106.g44B6NV03332@xxxxxxxxxxxxxxx>
I am trying to run a proftpd server on a SuSE Linux 7.3 system behind a NAT
router. The router is the property of my ISP and its port-configuration
cannot easily be changed. The TCP ports 21 and 53 and the UDP port 53 are
translated to the address 192.168.1.4 on my LAN. I have set up eth0:0 to be
192.168.1.4 on the proftpd system, and I can access the proftpd server from
within the LAN.

The proftpd server answers the address ftp.mydomain.dk, where 'mydomain' is
my registered domain name, when I access the ftp server from within the
LAN. I cannot access the proftpd server from the outside, however. I think
this is about the active/passive ftp problem, but this is my first attempt
to set up an ftp server, so I am not skilled in error-finding/correction
with ftp servers. How do I go about this?

It should be possible to run an ftp server with the Internet product I use.
I know that others are doing it.

Here is my /etc/proftpd.conf:
--------------------
ServerName "powered by SuSE Linux"
ServerType standalone
ServerAdmin ftpadm@xxxxxxxxxxxx
MasqueradeAddress ftp.davidlist.dk
ServerIdent on "FTP Server ready"
DeferWelcome off
DefaultServer on
AuthPAM on
AuthPAMAuthoritative on
AuthPAMConfig proftpd
Port 21
Umask 022
User nobody
Group nogroup
<Directory /*>
AllowOverwrite on
HiddenStor on
#HideNoAccess on
</Directory>
<Directory /*.ftp*>
<Limit ALL>
DenyAll
IgnoreHidden on
</Limit>
</Directory>
PathAllowFilter ".*/[a-zA-Z0-9]+$"
#PathAllowFilter ".*/[a-zA-Z0-9~ \*\/,_.-]+$"
DenyFilter "%"
MaxInstances 30
UseReverseDNS on
IdentLookups on
TimeoutStalled 300
ScoreboardPath /var/run/proftpd
TransferLog /var/log/xferlog
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
#ExtendedLog /var/log/proftpd.access_log WRITE,READ write
#ExtendedLog /var/log/proftpd.auth_log AUTH auth
ExtendedLog /var/log/proftpd.paranoid_log ALL default
DefaultRoot ~
DefaultChdir ~
#MaxLoginAttempts 3
RequireValidShell yes
<Anonymous ~ftp>
User ftp
Group public
UserAlias anonymous ftp
MaxClients 10
DisplayLogin msgs/welcome.msg
DisplayFirstChdir .message
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
</Anonymous>
--------------------
Hope somebody can help. Thanks in advance.
Best regards,
David List