On Saturday 02 November 2013, jdd wrote:
Le 02/11/2013 19:53, Ruediger Meier a écrit :
Have you tried from localhost again? ftp is a bit complicated for any port forwardding, iptables etc.
For me it looks like passive mode does not work. You could try ftp -A or for the server pasv_enable=NO
Finally, after lot of attempts, I could get a working config with:
write_enable=YES dirmessage_enable=YES nopriv_user=ftpsecure ls_recurse_enable=YES local_enable=YES anonymous_enable=NO connect_from_port_20=YES pam_service_name=vsftpd listen=YES pasv_min_port=30000 pasv_max_port=30100 anon_mkdir_write_enable=NO anon_root=/srv/ftp anon_upload_enable=NO ftpd_banner=Bienvenue sur le ftp de Nemo. pasv_enable=NO seccomp_sandbox=NO
There where *two* problems.
first seccomp_sandbox is *not* compatible with the openSUSE (yast) ssl options. I had to disable them to have vsftp launch with this last line.
then pasv works locally, but not remotely.
I yet have to test with wordpress, too late tomorrow :-)
but by the way:
* is it necessary to masquerade the port 20 (ftp_data)? I did it with no change
Don't know exactly yet. Usually you need to load kernel modules like Per mentioned (nf_conntrack_ipv6, nf_conntrack_ipv4, nf_conntrack_ftp, nf_nat_ftp ...) If you use /etc/sysconfig/SuSEfirewall2 FW_LOAD_MODULES="..." also see /etc/sysconfig/SuSEfirewall2.d/services/vsftpd Could be that yast firewall is able to set it up correctly somehow. cu, Rudi -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org