Firewall Beta and FTP
Hello!
I have enabled the new beta firewall on my linodes and am very happy. I have one issue. Using Filezilla as client with Centos/cPanel I am connecting but not getting a directly listing.
Ports 20 and 21 are open.
Turn the firewall off and connection is fine. I know Filezilla can be problematic. I have played with Filezilla setting to no avail. With the firewall off nmap shows nothing unusual.
Any feedback would be great!
Thank you!
Art
1 Reply
jdutton
Linode Staff
Hey Art - I tried to recreate this issue with a similar setup (different distro), but I didn't encounter any connection issues with or without Cloud Firewalls enabled.
I'm not using cPanel, but here's the setup I used:
- Distro: Debian 10
- FTP connection client: FileZilla
- FTP server (Linode): vsftpd
- Cloud Firewalls rules: allow ports 21 and 22
- Confirmed services listening on both ports 21 and 22:
nmap -p 21,22 <IPAddress>
Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-30 13:59 EDT
Nmap scan report for URL.members.linode.com (<IPAddress>)
Host is up (0.059s latency).
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
Using FileZilla, I was able to connect and get directory listings over ports 21 (FTP) and 22 (SFTP) with two different users with and without Cloud Firewalls enabled.
Keep in mind that Cloud Firewalls act as a drop list by default, so any rules you set are for allowing traffic over a specified port or IP range. I'm not sure how your Cloud Firewall rules are configured, but I'd give them a once-over to make sure they're not inadvertently blocking your traffic. If everything looks fine there, it also can't hurt updating both your Linode and FileZilla software versions to help rule out software as an issue.
Also of note: Connecting over port 22 (SFTP) is generally more secure that connecting over either ports 20 or 21. I might look to try connecting over port 22 if that still works for your use case.