Forums

Resolved
0 votes
Hello! How can I use 21 port as ftp for home, but not for a flexshare? I have tried port forwarding, but it's not working. Errors 200 and 227.
Sunday, December 15 2019, 05:38 PM
Share this post:
Responses (2)
  • Accepted Answer

    Sunday, December 15 2019, 06:24 PM - #Permalink
    Resolved
    0 votes
    You have to change the flexshare definitions in /etc/proftp.d but the webconfig will keep overwriting your changes every time you update a flexshare. You also need to change /etc/proftpd.conf. I don't know if the webconfig will overwrite this but updates may well. It is possible to block the system from overwriting files with (chattr + i ....) but it may have unwanted side effects.

    Firewall redirects may be tricky. Although you think of ftp being on port 21, half the exchange is on port 20 unless you go passive. It is a horrible protocol like that. You wouldn't do a port forward to switch the port, but a redirect so a DNAT rule in the POSTROUTING chain. I have a feeling port information is exchanged in the ftp negotiation.
    The reply is currently minimized Show
  • Accepted Answer

    Monday, December 16 2019, 05:34 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    You have to change the flexshare definitions in /etc/proftp.d but the webconfig will keep overwriting your changes every time you update a flexshare. You also need to change /etc/proftpd.conf. I don't know if the webconfig will overwrite this but updates may well. It is possible to block the system from overwriting files with (chattr + i ....) but it may have unwanted side effects.

    Firewall redirects may be tricky. Although you think of ftp being on port 21, half the exchange is on port 20 unless you go passive. It is a horrible protocol like that. You wouldn't do a port forward to switch the port, but a redirect so a DNAT rule in the POSTROUTING chain. I have a feeling port information is exchanged in the ftp negotiation.


    I think, I've solved this problem. 2 mistakes: 1. I was testing external ftp from home computer, but with vpn. Without vpn there was no connection to ftp at all. I've opened ftp port by firewall and connected to 21 and 2121 normally. 2. I was forwarding external 20-21 port to internal 2120-2121 port. After I've changed forward rule to external 20-21 - external 2120-2121 - BINGO! I still thinking do I need to forward 20 to 2120? But I'm not going to experement with it right now.
    The reply is currently minimized Show
Your Reply