proftpd & jail
trobalo at mrna.ist.utl.pt
Wed May 10 11:01:41 UTC 2006
We have a problem with proftp running in a jail.
-> pf.conf
ext_if="em0"
ip_ext="*.*.*.*"
ip_jail="127.0.0.3"
rdr on $ext_if proto tcp from any to $ip_ext port 20 -> $ip_jail port 20
rdr on $ext_if proto tcp from any to $ip_ext port 21 -> $ip_jail port 21
rdr on $ext_if proto tcp from any to $ip_ext port 49152:52000 -> $ip_jail port 49152:52000
pass in log quick on $ext_if proto tcp from any to $ip_jail port 20 flags S/SAFR keep state
pass in log quick on $ext_if proto tcp from any to $ip_jail port 21 flags S/SAFR keep state
pass in log quick on $ext_if proto tcp from any to $ip_jail port 49151 >< 52001
pass out log quick on $ext_if proto tcp from $ip_jail port 49151 >< 52001 to any
-> proftpd.conf
ServerName "SERVER X"
ServerType standalone
DefaultServer on
ScoreboardFile /var/run/proftpd.scoreboard
ExtendedLog /var/log/proftpd.log
AllowForeignAddress on
PassivePorts 49152 52000
IdentLookups off
DisplayConnect /etc/motd
Port 21
Umask 022
MaxInstances 30
User nobody
Group nogroup
AllowOverwrite on
<Limit SITE_CHMOD>
DenyAll
</Limit>
-> proftp log:
*.*.*.* UNKNOWN test [09/May/2006:10:36:23 +0100] "NOOP" 200 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:23 +0100] "CWD /usr/home/teste/" 250 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:23 +0100] "TYPE A" 200 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:23 +0100] "PASV" 227 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:24 +0100] "USER anonymous" 331 -
*.*.*.* UNKNOWN nobody [09/May/2006:10:36:24 +0100] "PASS (hidden)" 530 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:24 +0100] "NOOP" 200 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:24 +0100] "CWD /usr/home/test/" 250 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:24 +0100] "TYPE A" 200 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:24 +0100] "PASV" 227 -
*.*.*.* UNKNOWN nobody [09/May/2006:10:36:27 +0100] "USER test" 331 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "PASS (hidden)" 230 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "OPTS utf8 on" 501 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "PWD" 257 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "NOOP" 200 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "CWD /usr/home/test/" 250 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "TYPE A" 200 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "PASV" 227 -
If we use an FTP browser (Firefox, IE) or MS-DOS we can't open the FTP contents.
The login window appears, but after that this error is shown:
"An error occurred opening that folder on the FTP Server. Make sure that
you have permission to access that folder"
drwx------ 3 test wheel 512 May 8 18:48 teste
Using chmod 777, the error continues.
Suggestions?
Thanks a lot
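
Added example, not part of the original post: every attempt in the log above stops at an accepted PASV (227) with no LIST or RETR after it, and this Python script flags that pattern in a ProFTPD ExtendedLog. It assumes the log layout shown in the post and groups by client address because the log carries no session id; the sample lines and the names `parse` and `stalled_passive` are constructed for illustration.

```python
import re

# Constructed sample in the ExtendedLog layout shown in the post
# (client address masked the same way; the LIST line is invented).
SAMPLE_LOG = """\
*.*.*.* UNKNOWN nobody [09/May/2006:10:36:27 +0100] "USER test" 331 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "PASS (hidden)" 230 -
*.*.*.* UNKNOWN test [09/May/2006:10:36:27 +0100] "PASV" 227 -
*.*.*.* UNKNOWN nobody [09/May/2006:10:40:02 +0100] "USER test" 331 -
*.*.*.* UNKNOWN test [09/May/2006:10:40:02 +0100] "PASS (hidden)" 230 -
*.*.*.* UNKNOWN test [09/May/2006:10:40:03 +0100] "PASV" 227 -
*.*.*.* UNKNOWN test [09/May/2006:10:40:03 +0100] "LIST" 226 -
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) \S+$')
# Commands that use the data connection (RFC 959, plus MLSD from RFC 3659).
DATA_CMDS = {"LIST", "NLST", "MLSD", "RETR", "STOR", "STOU", "APPE"}
PASSIVE_OK = {("PASV", 227), ("EPSV", 229)}


def parse(log_text):
    """Yield (host, timestamp, verb, reply_code) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            host, ts, cmd, code = m.groups()
            yield host, ts, cmd.split(" ", 1)[0].upper(), int(code)


def stalled_passive(log_text):
    """Return [(host, timestamp)] of accepted PASV/EPSV replies that were
    never followed by a data command from the same client address."""
    pending = {}  # host -> timestamp of the outstanding passive reply
    stalled = []
    for host, ts, verb, code in parse(log_text):
        if verb in DATA_CMDS:
            pending.pop(host, None)          # the data channel got used
        elif verb in ("PASV", "EPSV", "USER") and host in pending:
            stalled.append((host, pending.pop(host)))  # retry or new login
        if (verb, code) in PASSIVE_OK:
            pending[host] = ts
    stalled.extend(pending.items())          # still outstanding at end of log
    return stalled


if __name__ == "__main__":
    for host, ts in stalled_passive(SAMPLE_LOG):
        print(f"{host} {ts}: PASV accepted, no transfer command followed")
```

A flagged entry is consistent with the client never opening the data connection, which puts the address and port in the 227 reply and the filtering of the passive range ahead of directory permissions as things to check.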