[FUG-BR] proftpd jailed

Gilberto Villani Brito linux at giboia.org
Wed May 10 11:31:00 BRT 2006


Try changing the passive or active mode using the pass command in your FTP client.

Regards
Gilberto



On Tue, 09 May 2006 22:04:51 +0100
Tiago André Robalo <trobalo at mrna.ist.utl.pt> wrote:

> ftp> ls
> 200 PORT command successful
> 425 Unable to build data connection: Operation timed out
> ftp>
> 
> 
> Tiago André Robalo wrote:
> > It turns out that in MS-DOS I can't see the files after all, it doesn't list anything...
> > 
> > I don't see any errors in the proftpd log...
> > 
> > Suggestions?
> > 
> > Gilberto Villani Brito wrote:
> > 
> >>Strange, because my proftpd runs as nobody and all of my users' directories
> >>are owned by nobody and nogroup, but I use a password file separate from the system's.
> >>--- proftpd.conf
> >>...
> >>AuthUserFile                    /etc/passwd.ftp
> >>...
> >>--- proftpd.conf
> >>
> >>Regards
> >>Gilberto
> >>
> >>
> >>On Tue, 09 May 2006 15:22:40 +0100
> >>Tiago André Robalo <trobalo at mrna.ist.utl.pt> wrote:
> >>
> >>
> >>
> >>>The user teste is the share I am trying to access. It has nothing to do with the
> >>>owner of proftpd.
> >>>
> >>>
> >>>Tiago
> >>>
> >>>Gilberto Villani Brito wrote:
> >>>
> >>>
> >>>>proftpd is running as user nobody and group nogroup, and the directory teste
> >>>>belongs to user teste and group wheel.
> >>>>I believe that is the cause.
> >>>>
> >>>>Regards
> >>>>Gilberto
> >>>>
> >>>>
> >>>>
> >>>>On Tue, 09 May 2006 11:42:33 +0200
> >>>>trobalo at mrna.ist.utl.pt wrote:
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>>I have a problem here with proftpd running in a jail.
> >>>>>
> >>>>>-> pf.conf
> >>>>>
> >>>>>ext_if="em0"
> >>>>>
> >>>>>ip_ext="*.*.*.*"
> >>>>>
> >>>>>ip_jail="127.0.0.3"
> >>>>>
> >>>>>rdr on $ext_if proto tcp from any to $ip_ext port 21 -> $ip_jail port 21
> >>>>>rdr on $ext_if proto tcp from any to $ip_ext port 49152:52000 -> $ip_jail port 49152:52000
> >>>>>
> >>>>>pass in log quick on $ext_if proto tcp from any to $ip_jail port 21 flags S/SAFR keep state
> >>>>>
> >>>>>pass in log quick on $ext_if proto tcp from any to $ip_jail port 49151 >< 52001
> >>>>>
> >>>>>pass out log quick on $ext_if proto tcp from $ip_jail port 49151 >< 52001 to any
> >>>>>
> >>>>>
> >>>>>-> proftpd.conf
> >>>>>
> >>>>>ServerName                      "SERVER X"
> >>>>>ServerType                      standalone
> >>>>>DefaultServer                   on
> >>>>>ScoreboardFile                  /var/run/proftpd.scoreboard
> >>>>>ExtendedLog                     /var/log/proftpd.log
> >>>>>
> >>>>>AllowForeignAddress on
> >>>>>PassivePorts 49152 52000
> >>>>>IdentLookups off
> >>>>>UseReverseDNS off
> >>>>>DefaultRoot ~ !wheel
> >>>>>
> >>>>>DisplayConnect /etc/motd
> >>>>>Port                            21
> >>>>>Umask                           022
> >>>>>
> >>>>>MaxInstances                    30
> >>>>>
> >>>>>User                            nobody
> >>>>>Group                           nogroup
> >>>>>
> >>>>>AllowOverwrite          on
> >>>>>
> >>>>><Limit SITE_CHMOD>
> >>>>> DenyAll
> >>>>></Limit>
> >>>>>
> >>>>>
> >>>>>In the proftpd log, only this shows up when I access it via browser:
> >>>>>
> >>>>>
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:23 +0100] "NOOP" 200 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:23 +0100] "CWD /usr/home/teste/" 250 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:23 +0100] "TYPE A" 200 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:23 +0100] "PASV" 227 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:24 +0100] "USER anonymous" 331 -
> >>>>>*.*.*.* UNKNOWN nobody [09/May/2006:10:36:24 +0100] "PASS (hidden)" 530 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:24 +0100] "NOOP" 200 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:24 +0100] "CWD /usr/home/teste/" 250 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:24 +0100] "TYPE A" 200 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:24 +0100] "PASV" 227 -
> >>>>>*.*.*.* UNKNOWN nobody [09/May/2006:10:36:27 +0100] "USER teste" 331 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:27 +0100] "PASS (hidden)" 230 -
> >>>>>*.*.*.* UNKNOWN testee [09/May/2006:10:36:27 +0100] "OPTS utf8 on" 501 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:27 +0100] "PWD" 257 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:27 +0100] "NOOP" 200 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:27 +0100] "CWD /usr/home/teste/" 250 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:27 +0100] "TYPE A" 200 -
> >>>>>*.*.*.* UNKNOWN teste [09/May/2006:10:36:27 +0100] "PASV" 227 -
> >>>>>
> >>>>>
> >>>>>Whenever I access it via Firefox or IE I can't open the FTP; it shows
> >>>>>the login window but then returns a message telling me to
> >>>>>check the folder permissions and that the connection to the server is not
> >>>>>possible.
> >>>>>
> >>>>>drwx------   3 teste  wheel  512 May  8 18:48 teste
> >>>>>
> >>>>>However, if I access it via MS-DOS
> >>>>>
> >>>>>by running ftp
> >>>>>open *.*.*.*
> >>>>>
> >>>>>it asks for the login and opens the FTP.
> >>>>>
> >>>>>I don't see anything being blocked on the firewall...
> >>>>>
> >>>>>Any ideas?
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>-------------------------
> >>>>>History: http://www.fug.com.br/historico/html/freebsd/
> >>>>>Leave the list: https://www.fug.com.br/mailman/listinfo/freebsd
> >>>>>


More details about the freebsd mailing list
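
Added example, not part of the original thread and not code from any of the posters: in the quoted log every PASV is answered with 227 and no transfer command follows, and the quoted pf.conf redirects to a jail at 127.0.0.3, so one check worth running is what address and port the 227 reply advertises to the client. The reply strings below are constructed, 203.0.113.10 is a placeholder for the masked public address, and the function names are hypothetical.

```python
import ipaddress
import re

# Six comma-separated numbers of an RFC 959 "227" reply: h1,h2,h3,h4,p1,p2
PASV_RE = re.compile(r"^227 .*?" + ",".join([r"(\d{1,3})"] * 6))

# Addresses a remote client cannot reach: loopback plus RFC 1918 space.
UNREACHABLE = [ipaddress.ip_network(n) for n in
               ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_pasv(reply):
    """Return (IPv4Address, port) advertised in a 227 reply line."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(g) for g in m.groups()]
    if max(nums) > 255:
        raise ValueError("octet out of range in %r" % reply)
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]


def check_pasv(reply, control_ip, port_range=(49152, 52000)):
    """List the reasons a client dialing this reply would fail to connect."""
    host, port = parse_pasv(reply)
    findings = []
    if any(host in net for net in UNREACHABLE):
        findings.append("unreachable-address")
    if host != ipaddress.IPv4Address(control_ip):
        findings.append("differs-from-control-address")
    # Default range mirrors the thread's PassivePorts / rdr range (49152-52000).
    if not port_range[0] <= port <= port_range[1]:
        findings.append("port-outside-redirected-range")
    return findings


# Constructed sample replies; 203.0.113.10 stands in for the masked public IP.
SAMPLES = [
    "227 Entering Passive Mode (127,0,0,3,192,10).",
    "227 Entering Passive Mode (203,0,113,10,203,33).",
    "227 Entering Passive Mode (203,0,113,10,192,0).",
]

if __name__ == "__main__":
    for line in SAMPLES:
        host, port = parse_pasv(line)
        print(host, port, check_pasv(line, "203.0.113.10") or "ok")
```

The real 227 line can be seen with the client's debug output enabled. If it advertises the jail address, ProFTPD's MasqueradeAddress directive is the setting that controls the address placed in that reply.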