I’m trying to offload some work to my server running quickbox; namely my security cameras. They’re older cameras only support passive non-secure FTP uploads. I’ve been searching and reading, and everything tells me this should work using port 5757. However, when I try to test the connection using FileZilla (and the Cameras) they don’t want to connect. The error message given in FileZilla is “Failed to retrieve directory listing”. From what I can tell they can authenticate and connect, but some permissions issue is blocking access to the directory? I’m not sure if this is a linux or a quickbox issue, as I’m a bit over my head here. If anyone can advise, I’d appreciate it. What all do I need to do to make this work?
A quick Google returned this: https://my.wirenine.com/knowledgebase/140/How-to-fix-failed-to-retrieve-directory-listing-error-in-FileZilla-FTP.html
I’ve played with those settings, but it doesn’t seem to be the issue. I believe it’s an issue with the CSF install done via quickbox. When I set my IP for quick allow under CSF, it connects just fine. When I remove the quick allow, the non-secure FTP fails to get a response with the directory listing.
Checking the CSF configuration, the port 5757 is allowed both in and out for TCP and UDP under IPv4. I know from some additional reading on Google, Active mode FTP will use port 21 to connect, but port 20 to receive information back (unclear terminology here, sorry. Rough understanding from what I’ve found). So this brings me to my new question — Does Quickbox change the default port 20, that is used with active FTP?
I have tested just allowing port 20 for TCP and UDP under IPv4, but it still doesn’t work.
What are the contents of your /etc/vsftpd.conf file?
listen=YES
anonymous_enable=NO
guest_enable=NO
dirmessage_enable=YES
dirlist_enable=YES
download_enable=YES
secure_chroot_dir=/var/run/vsftpd/empty
chroot_local_user=YES
chroot_list_file=/etc/vsftpd.chroot_list
passwd_chroot_enable=YES
allow_writeable_chroot=YES
pam_service_name=vsftpd
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=NO
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_request_cert=YES
ssl_ciphers=HIGH
rsa_cert_file=/etc/ssl/private/vsftpd.pem
local_enable=YES
write_enable=YES
local_umask=022
max_per_ip=0
pasv_enable=YES
port_enable=YES
pasv_promiscuous=NO
port_promiscuous=NO
pasv_min_port=10090
pasv_max_port=10100
listen_port=5757
seccomp_sandbox=no
utf8_filesystem=YES
pasv_address=Will you comment out the line:
pasv_address=
like so…
#pasv_address=
Then save and issue a restart to the vsftpd service with service vsftpd restart. See if that yields proper results for you.
In addition to commenting out the pasv address, I had to add the passive port ranges 10090:10100 to CSF for incoming TCP connections. It’s working now. Thanks for pointing me to the vsftpd config.
1 Like
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.