VSFTP Connection Refused Error

[Denda]

Hi All -
I have a Red Hat Enterprise server built. I'm going to use it as a ftp server in our DMZ. While building the system internally, vsftp worked great, once I had everything set up, I then changed my ip's and put it in our DMZ. As soon as I did that, the following is happening.

1) unable to ftp localhost -> gives connection refused error
2) vsftpd will not stop via service vsftpd stop, it gives a failed message
3) vsftpd will start via service vsftpd start, but ps -ef|grep vsftpd brings up nothing.. So the process is not actually starting from what I can tell
4) vsftpd is not writing to /var/log/vsftpd
5) /var/log/message just shows vsftpd started successfully & vsftpd stop failed....

HELP!! Thank you all for your time.

 

[mrregan]

What files are in your /etc/vsftpd directory

 

[Denda]

just vsftpd.conf.

I put it back internally and now I'm getting unknown error number error....

 

[thedaver]

I believe that Redhats run vsftpd under inetd by default? Thus you might be having contention for the port/service?

"killall vsftpd" should make it right.

check /etc/xinetd.d/ for conflicts

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[Denda]

vsftpd is not run under xinetd. It's a stand alone daemon. killall vsftpd does not 'kill' vsftpd, it comes back with failed.

 

[Annihilannic]

Which release of RHEL? What version of the vsftpd RPM?

What is the output of bash -x /etc/init.d/vsftpd start?

Annihilannic.

 

[Denda]

Red Hat Linux 3.2.3.54
vsftpd.1.2.1-3E.1.i386.rpm

ot@twbftp2 sbin]# bash -x /etc/init.d/vsftpd start
+ . /etc/rc.d/init.d/functions
++ TEXTDOMAIN=initscripts
++ umask 022
++ PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin
++ export PATH
++ '[' -z '' ']'
++ COLUMNS=80
++ '[' -z '' ']'
+++ /sbin/consoletype
++ CONSOLETYPE=pty
++ '[' -f /etc/sysconfig/i18n -a -z '' ']'
++ . /etc/sysconfig/i18n
+++ LANG=en_US.UTF-8
+++ SUPPORTED=en_US.UTF-8:en_US:en
+++ SYSFONT=latarcyrheb-sun16
++ '[' pty '!=' pty ']'
++ export LANG
++ '[' -z '' ']'
++ '[' -f /etc/sysconfig/init ']'
++ . /etc/sysconfig/init
+++ BOOTUP=color
+++ GRAPHICAL=yes
+++ RES_COL=60
+++ MOVE_TO_COL=echo -en \033[60G
+++ SETCOLOR_SUCCESS=echo -en \033[0;32m
+++ SETCOLOR_FAILURE=echo -en \033[0;31m
+++ SETCOLOR_WARNING=echo -en \033[0;33m
+++ SETCOLOR_NORMAL=echo -en \033[0;39m
+++ LOGLEVEL=3
+++ PROMPT=yes
++ '[' pty = serial ']'
++ '[' color '!=' verbose ']'
++ INITLOG_ARGS=-q
+ . /etc/sysconfig/network
++ NETWORKING=yes
++ HOSTNAME=twbftp2.twbcompany.com
+ '[' yes = no ']'
+ '[' -x /usr/sbin/vsftpd ']'
+ RETVAL=0
+ prog=vsftpd
+ start
+ '[' -d /etc/vsftpd ']'
++ ls /etc/vsftpd/vsftpd.conf
++ basename /etc/vsftpd/vsftpd.conf .conf
+ site=vsftpd
+ echo -n 'Starting vsftpd for vsftpd: '
Starting vsftpd for vsftpd: + /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
+ RETVAL=0
+ '[' 0 -eq 0 ']'
+ touch /var/lock/subsys/vsftpd
+ success 'vsftpd vsftpd'
+ '[' -z '' ']'
+ initlog -q -n /etc/init.d/vsftpd -s 'vsftpd vsftpd' -e 1
+ '[' color '!=' verbose -a -z '' ']'
+ echo_success
+ '[' color = color ']'
+ echo -en '\033[60G'
+ echo -n '[ '
[ + '[' color = color ']'
+ echo -en '\033[0;32m'
+ echo -n OK
OK+ '[' color = color ']'
+ echo -en '\033[0;39m'
+ echo -n ' ]'
]+ echo -ne '\r'
+ return 0
+ return 0
+ echo

+ return 0
+ exit 0

Thanks!

 

[Annihilannic]

Looks fine.

What happens if you just type vsftpd /etc/vsftpd/vsftpd.conf? Does your prompt come back immediately? If so, try strace -f vsftpd /etc/vsftpd.conf and see if you can see any clues in the system calls it makes.

Annihilannic.

 

[Denda]

Thank you annihilannic!!

It looks as though I had inadvertantly put a page break in my vsftpd.conf file! Once I fixed that I could ftp internally again back & forth. I just put it back in our DMZ and will start testing again. Thank you!

 

[Denda]

Well... I'm back. I've got the system accepting ftp's now, however... It will only accept ftp's from my internal systems or the other systems within the DMZ. 10.53.X.X & 192.168.X.X. Anytime someone trys to connect from the outside they receive the following error-
ftp: connect :Unknown error number

Firewall is setup exactly like our current ftp server which works fine. The differences here are the following:
current ftp server - mandrake & proftp
new ftp server - red hat & vsftpd.

Any ideas? Thank you in advance..

 

[mrregan]

what are the contents of /etc/hosts.allow and hosts.deny?

 

[Denda]

hosts.deny -> nothing in there
hosts.allow has the following, BUT they are all commented out (just like the current ftp server that is working properly)

#ssh:170.103.XXX.
#sshd sshd1 sshd2 : ALL : ALLOW
#ssh:10.53.X.
#ssh:192.168.X.

X's have actual numbers in them in the file...

 

[Denda]

I just 'uncommented them' and an outside connection gets the response...

Connecting to 63.238.XXX.XXX

Sit's there for a second and then comes back with connection closed by host.

Where do I go from here & any reason why it's not needed with the proftpd server? Not a biggie, since that will be going away, just wondering..

 

[mrregan]

try this in the /etc/hosts.allow

vsftpd: all

 

[Denda]

oops, sorry. I missed that in typing, it is there.

 

[mrregan]

What does the /var/log/vsftpd.log show?

 

[mrregan]

If you are trying to connect from a windows machine, look in the internet tools\internet options\advanced and
check "use passive ftp

 

[Denda]

logs are being created, although nothing is being written to them...

 

[Denda]

passive ftp is already checked.. Good thought though..

 

[mrregan]

what about the contents of /var/log/secure?