
I can't send or receive anything after connecting to FTP, but can remove files. I know that I didn't do a 'good job' with the iptables and now I need help.

Here is the output from `iptables -L -n -v`:

```
Chain INPUT (policy DROP 16184 packets, 4360K bytes)
 pkts bytes target     prot opt in     out     source               destination
 930  149K ACCEPT     all  --  *      *       127.0.0.1            0.0.0.0/0
 4672 3279K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
    1    71 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:53
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:20000
   90  5200 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:10000
   28  1632 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443
   39  2140 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:993
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:143
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:995
    3   160 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:110
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:587
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:20
    5   300 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:21
   21  1240 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 6260 packets, 4251K bytes)
 pkts bytes target     prot opt in     out     source               destination
```

If I change the INPUT policy to ACCEPT, everything works again, but I don't want to do that. I tried to enable all the states for port 21, but it still didn't work.

Tim
Bill
  • The firewall rules you've shown are unhelpful, as they lack interface information. Could you replace them with the output of `iptables -L -n -v`? – MadHatter Jun 23 '17 at 20:03
  • @MadHatter Okay, I used `iptables -L -n -v` now, hope that helps – Bill Jun 23 '17 at 21:23
  • FTP uses ports 20, 21, and the ephemeral port range which is typically 49152 to 65535. – Tim Jun 23 '17 at 21:30
  • I would also suggest this VSFTP specific answer of mine for some background: https://serverfault.com/a/555585/37681 – HBruijn Jun 24 '17 at 09:29

1 Answer


There are two answers (one and two); both suggest using the `ip_conntrack_ftp` module. Also, in the second question you can find an answer with another solution, using `net.netfilter.nf_conntrack_helper=1`. Try those solutions.

Alexander Tolkachev
  • The second answer did the trick! I have tried to enable states on port 21 but forgot to change it to port 20! When I changed it there too (RELATED,ESTABLISHED), everything worked, both sending and receiving – Bill Jun 24 '17 at 12:05
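
Why the conntrack FTP helper named in the answer matters under the question's `INPUT` policy of `DROP`: the following is an added Python model, not code from the thread or the kernel, showing how a passive-mode data connection is judged with and without the helper. It assumes passive mode; the client address, the 227 reply and the names `parse_pasv`, `InputChain` and `simulate` are constructed for illustration.

```python
import re

# TCP destination ports accepted by the INPUT chain in the question (policy DROP).
ACCEPTED_DPORTS = {20000, 10000, 443, 80, 993, 143, 995, 110, 53, 587, 20, 21, 25}
PASV_RE = re.compile(r"^227 [^(]*\((\d{1,3}(?:,\d{1,3}){5})\)")


def parse_pasv(reply):
    """Return (ip, port) from a '227 ... (h1,h2,h3,h4,p1,p2)' reply, else None."""
    m = PASV_RE.match(reply)
    if not m:
        return None
    nums = [int(n) for n in m.group(1).split(",")]
    if max(nums) > 255:
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


class InputChain:
    """Toy model of the question's INPUT chain; a simplification, not kernel code."""

    def __init__(self, helper_enabled):
        self.helper_enabled = helper_enabled
        self.expected = set()  # (client_ip, dport) expectations set by the helper

    def control_reply(self, client_ip, line):
        # The helper reads the port-21 control stream and registers the
        # announced data port as an expected (RELATED) connection.
        parsed = parse_pasv(line)
        if self.helper_enabled and parsed:
            self.expected.add((client_ip, parsed[1]))

    def new_connection(self, client_ip, dport):
        # Same order as the listing: the state rule first, then the dpt rules.
        if (client_ip, dport) in self.expected:
            self.expected.discard((client_ip, dport))
            return "ACCEPT state RELATED"
        if dport in ACCEPTED_DPORTS:
            return "ACCEPT dpt:%d" % dport
        return "DROP policy"


def simulate(helper_enabled):
    """Verdicts for the control connection, then the passive data connection."""
    client = "203.0.113.10"                                  # constructed
    reply = "227 Entering Passive Mode (192,0,2,5,195,149)"  # constructed
    fw = InputChain(helper_enabled)
    verdicts = [fw.new_connection(client, 21)]
    fw.control_reply(client, reply)
    verdicts.append(fw.new_connection(client, parse_pasv(reply)[1]))
    return verdicts
```

Without the helper the data connection to port 50069 falls through to the `DROP` policy while the control connection on port 21 keeps working, which matches the symptom in the question: control-channel commands succeed but transfers fail.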