Pages

Friday, September 19, 2014

Enableing passive mode in FTP server with CSF firewall

Passive mode is always very important for ftp servers, if you are running csf firewall and cannot connect to ftp server then it means that range of passive ports is blocked in firewall. Here are simple steps

1) Add Passive Port range 30000-350000 to your Pureftp or Proftp configuration file

i) For Pure FTP

open /etc/pure-ftpd.conf, and this line

PassivePortRange    30000 35000

ii) For pro FTP

Open /etc/proftpd.conf, and add this line

PassivePorts    30000 35000

iii) Now add these ports in CSF config

Open /etc/csf/csf.conf

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,30000:35000"

iv) restart csf and ftp

service csf restart
service pureftpd restart (or)
service proftpd restart

Now you will not get error while connecting to ftp
That's it!

No comments:

Post a Comment