Vsftpd and iptables problem : LIST command does not work

Question

general

Hi,

I am using CentOS 5.5 [Latest 2.6 Stable (2.6.18)]

Installed vsftpd with TLS.

I am able to connect to FTP site but LIST command is failing. If I disbale my iptables then the LIST command works fine.

I tried following command

modprobe ip_conntrack

modprobe ipconntrackftp

But it says no such module.

I do not want to open port above 1024 for passive FTP to work.

Filezilla status

18:38:37 Status: Retrieving directory listing…

18:38:37 Command: PWD

18:38:37 Response: 257 "/"

18:38:37 Command: TYPE I

18:38:37 Response: 200 Switching to Binary mode.

18:38:37 Command: PASV

18:38:38 Response: 227 Entering Passive Mode (121,121,198,152,255,8)

18:38:38 Command: LIST

18:38:59 Error: GnuTLS error -53: Error in the push function.

18:39:38 Response: 425 Failed to establish connection.

What can be done?

Richard

http://www.vasaiflowers.com

forum:richardvc · Answer 1 · Dec. 20, 2010, 1:35 p.m.

I used following rule in iptables

-A INPUT -p tcp -s 0/0 –source-port 1024: --destination-port 64100:64200 --syn -j ACCEPT

and I mentioned above ports in vsftpd as min and max …

pasv_enable=YES

pasvminport=64100

pasvmaxport=64200