FTP connection error

I have done these things:
1- Allowed SSH Access “bash” from the package.
2- Allowed SSH Access “bash” to user
3- Already opened ports 20, 21, 12000-12100 from server’s networks.
4- Confirmed all the ports 20, 21, 12000-12100 open in firewal of hestiacp.
5- Rebooted the server and hestiacp
6- create ftp Credentials
7- using winSCP

Fact: using proftpd.

Problem: An error always come i.e.
Lost Connection
"Timeout detected. (control connection)
Could not retrieve directory listing
Error listing directory ‘/’.

Screenshot (193)_cr
Screenshot (192)_cr

Please help to solve this.

Thanks in advance

The error you’re encountering is common in FTP connections and usually relates to issues with passive mode configuration, firewall settings, or network address translation (NAT).

Steps to Resolve the Issue:

1. Verify Passive Mode Configuration in ProFTPD:

Ensure that the ProFTPD server is properly configured to use passive mode. Edit the ProFTPD configuration file, usually located at /etc/proftpd/proftpd.conf, and make sure it includes the following directives:

PassivePorts 12000 12100
MasqueradeAddress <your_public_IP_address>

  • PassivePorts specifies the range of ports you’ve opened (12000-12100).
  • MasqueradeAddress should be set to your public IP address, especially if the server is behind a NAT.

2. Firewall Settings:

Even though you’ve opened the ports, double-check the firewall rules to ensure that the necessary ports are allowed:

sudo ufw allow 21/tcp
sudo ufw allow 12000:12100/tcp

Confirm the firewall status with:

sudo ufw status

3. Check WinSCP Settings:

Ensure that WinSCP is configured to use passive mode. Passive mode is typically required because it allows the client to establish the data connection, which helps avoid firewall issues.

4. Review ProFTPD Logs:

Check the ProFTPD logs for any specific errors that might indicate the root cause of the issue. You can view the logs with:

tail -f /var/log/proftpd/proftpd.log

This log file may provide more detailed information on what is going wrong during the connection.

5. Test the Connection:

After making the changes, attempt to reconnect using WinSCP. If the problem persists, try testing the FTP connection with a different client or from a different network to rule out network-related issues.

Additional Considerations:

  • NAT and Router Configuration: If your server is behind a router or firewall that performs NAT, ensure that the necessary ports are forwarded correctly to your server’s internal IP address.
  • Check for ISP Restrictions: Some ISPs block FTP ports by default. Ensure that your ISP isn’t blocking any of the ports you’re using.

If these steps do not resolve the issue, consider providing more details from the ProFTPD logs or test with a different FTP client to gather additional clu

what is this a chatgpt reply?

1 Like

this all is not working. the error is same and still remain.

Yes, When I asked to chatgpt for this problem the same solution provided to me too.

means, you are right.

But the error is still remain, becuase this solution is not working.

Should I remove proftpd and install another ftp server for hestiacp?

Could you please show the proftpd conf?

cat /etc/proftpd/proftpd.log

Also, the iptables rules:

iptables -S
iptables -S -t nat
1 Like

I didn’t realize about this comment. Are you behind NAT? If the answer is yes, you could check WinSCP log (maybe you must activate it, as far as I know it is disabled by default) and check if in the session log you see this line:

2024-09-03 13:03:43.801 227 Entering Passive Mode (A,B,C,D,E,F).

Where A,B,C,D must be your public ip address if it isn’t, you should edit proftpd.conf and add this directive:

Note: replace 203.0.113.1 by your actual public ip.

MasqueradeAddress 203.0.113.1

Restart proftpd and try again.

1 Like

Thanks for your interest and support.
This is the full text of session log file of winSCP i.e.

. 2024-09-03 18:24:28.543 --------------------------------------------------------------------------
. 2024-09-03 18:24:28.546 WinSCP Version 6.3.4 (Build 14955 2024-06-17) (OS 10.0.22631 – Windows 10 Enterprise)
. 2024-09-03 18:24:28.546 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2
. 2024-09-03 18:24:28.548 Log level: Normal
. 2024-09-03 18:24:28.548 Local account: DGA-PERSONAL-PC\dga
. 2024-09-03 18:24:28.548 Working directory: C:\Program Files (x86)\WinSCP
. 2024-09-03 18:24:28.548 Process ID: 46488
. 2024-09-03 18:24:28.590 Ancestor processes: explorer, …
. 2024-09-03 18:24:28.617 Command-line: “C:\Program Files (x86)\WinSCP\WinSCP.exe”
. 2024-09-03 18:24:28.617 Time zone: Current: GMT+5:30 (India Standard Time), No DST
. 2024-09-03 18:24:28.617 Login time: 03 September 2024 18:24:28
. 2024-09-03 18:24:28.617 --------------------------------------------------------------------------
. 2024-09-03 18:24:28.617 Session name: [email protected] (Site)
. 2024-09-03 18:24:28.617 Host name: 123.456.789.012 (Port: 21)
. 2024-09-03 18:24:28.617 User name: user1_domain.com (Password: Yes, Key file: No, Passphrase: No)
. 2024-09-03 18:24:28.622 Transfer Protocol: FTP
. 2024-09-03 18:24:28.622 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
. 2024-09-03 18:24:28.622 Disable Nagle: No
. 2024-09-03 18:24:28.622 Proxy: None
. 2024-09-03 18:24:28.622 Send buffer: 262144
. 2024-09-03 18:24:28.622 UTF: Auto
. 2024-09-03 18:24:28.622 FTPS: None [Client certificate: No]
. 2024-09-03 18:24:28.622 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
. 2024-09-03 18:24:28.622 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2024-09-03 18:24:28.622 Cache directory changes: Yes, Permanent: Yes
. 2024-09-03 18:24:28.622 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2024-09-03 18:24:28.622 Timezone offset: 0h 0m
. 2024-09-03 18:24:28.622 --------------------------------------------------------------------------
. 2024-09-03 18:24:28.779 Connecting to 123.456.789.012 …
. 2024-09-03 18:24:28.780 Connected with 123.456.789.012. Waiting for welcome message…
< 2024-09-03 18:24:28.812 220 FTP Server ready.

2024-09-03 18:24:28.812 USER user1_domain.com
< 2024-09-03 18:24:28.853 331 Password required for user1_domain.com
2024-09-03 18:24:28.853 PASS ****************
< 2024-09-03 18:24:28.940 230 User user1_domain.com logged in
2024-09-03 18:24:28.940 SYST
< 2024-09-03 18:24:28.973 215 UNIX Type: L8
2024-09-03 18:24:28.976 FEAT
< 2024-09-03 18:24:29.004 211-Features:
< 2024-09-03 18:24:29.004 CLNT
< 2024-09-03 18:24:29.004 EPRT
< 2024-09-03 18:24:29.004 EPSV
< 2024-09-03 18:24:29.009 HOST
< 2024-09-03 18:24:29.009 LANG C.UTF-8*
< 2024-09-03 18:24:29.009 MDTM
< 2024-09-03 18:24:29.009 MFF modify;UNIX.group;UNIX.mode;
< 2024-09-03 18:24:29.009 MFMT
< 2024-09-03 18:24:29.009 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
< 2024-09-03 18:24:29.009 RANG STREAM
< 2024-09-03 18:24:29.009 REST STREAM
< 2024-09-03 18:24:29.009 SIZE
< 2024-09-03 18:24:29.009 TVFS
< 2024-09-03 18:24:29.009 UTF8
< 2024-09-03 18:24:29.009 211 End
2024-09-03 18:24:29.009 CLNT WinSCP-release-6.3.4
< 2024-09-03 18:24:29.035 200 OK
2024-09-03 18:24:29.035 OPTS UTF8 ON
< 2024-09-03 18:24:29.067 200 UTF8 set to on
. 2024-09-03 18:24:29.114 Connected
. 2024-09-03 18:24:29.116 --------------------------------------------------------------------------
. 2024-09-03 18:24:29.116 Using FTP protocol.
. 2024-09-03 18:24:29.116 Doing startup conversation with host.
2024-09-03 18:24:29.145 PWD
< 2024-09-03 18:24:29.177 257 “/” is the current directory
. 2024-09-03 18:24:29.177 Getting current directory name.
. 2024-09-03 18:24:29.240 Retrieving directory listing…
2024-09-03 18:24:29.240 TYPE A
< 2024-09-03 18:24:29.273 200 Type set to A
2024-09-03 18:24:29.303 PASV
< 2024-09-03 18:24:29.336 227 Entering Passive Mode (152,67,2,44,47,52)
2024-09-03 18:24:29.350 MLSD
. 2024-09-03 18:24:29.350 Connecting to 123.456.789.012:12084 …
. 2024-09-03 18:24:44.373 Data connection closed
. 2024-09-03 18:24:44.373
. 2024-09-03 18:24:59.816 Timeout detected. (control connection)
. 2024-09-03 18:24:59.816 Could not retrieve directory listing

  • 2024-09-03 18:24:59.959 (EFatal) Lost connection.
  • 2024-09-03 18:24:59.959 Timeout detected. (control connection)
  • 2024-09-03 18:24:59.959 Could not retrieve directory listing
  • 2024-09-03 18:24:59.959 Error listing directory ‘/’.
    . 2024-09-03 18:26:56.056 --------------------------------------------------------------------------
    . 2024-09-03 18:26:56.056 WinSCP Version 6.3.4 (Build 14955 2024-06-17) (OS 10.0.22631 – Windows 10 Enterprise)
    . 2024-09-03 18:26:56.056 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2
    . 2024-09-03 18:26:56.056 Log level: Normal
    . 2024-09-03 18:26:56.056 Local account: DGA-PERSONAL-PC\dga
    . 2024-09-03 18:26:56.056 Working directory: C:\Program Files (x86)\WinSCP
    . 2024-09-03 18:26:56.056 Process ID: 46488
    . 2024-09-03 18:26:56.056 Ancestor processes: explorer, …
    . 2024-09-03 18:26:56.056 Command-line: “C:\Program Files (x86)\WinSCP\WinSCP.exe”
    . 2024-09-03 18:26:56.056 Time zone: Current: GMT+5:30 (India Standard Time), No DST
    . 2024-09-03 18:26:56.056 Login time: 03 September 2024 18:26:56
    . 2024-09-03 18:26:56.056 --------------------------------------------------------------------------
    . 2024-09-03 18:26:56.056 Session name: [email protected] (Site)
    . 2024-09-03 18:26:56.056 Host name: 123.456.789.012 (Port: 21)
    . 2024-09-03 18:26:56.056 User name: user1_domain.com (Password: Yes, Key file: No, Passphrase: No)
    . 2024-09-03 18:26:56.056 Transfer Protocol: FTP
    . 2024-09-03 18:26:56.056 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
    . 2024-09-03 18:26:56.056 Disable Nagle: No
    . 2024-09-03 18:26:56.056 Proxy: None
    . 2024-09-03 18:26:56.056 Send buffer: 262144
    . 2024-09-03 18:26:56.056 UTF: Auto
    . 2024-09-03 18:26:56.056 FTPS: None [Client certificate: No]
    . 2024-09-03 18:26:56.056 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
    . 2024-09-03 18:26:56.056 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
    . 2024-09-03 18:26:56.056 Cache directory changes: Yes, Permanent: Yes
    . 2024-09-03 18:26:56.056 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
    . 2024-09-03 18:26:56.056 Timezone offset: 0h 0m
    . 2024-09-03 18:26:56.056 --------------------------------------------------------------------------
    . 2024-09-03 18:26:56.230 Connecting to 123.456.789.012 …
    . 2024-09-03 18:26:56.230 Connected with 123.456.789.012. Waiting for welcome message…
    < 2024-09-03 18:26:56.241 220 FTP Server ready.

2024-09-03 18:26:56.242 USER user1_domain.com
< 2024-09-03 18:26:56.277 331 Password required for user1_domain.com
2024-09-03 18:26:56.277 PASS ****************
< 2024-09-03 18:26:56.358 230 User user1_domain.com logged in
2024-09-03 18:26:56.358 SYST
< 2024-09-03 18:26:56.397 215 UNIX Type: L8
2024-09-03 18:26:56.415 FEAT
< 2024-09-03 18:26:56.423 211-Features:
< 2024-09-03 18:26:56.423 CLNT
< 2024-09-03 18:26:56.423 EPRT
< 2024-09-03 18:26:56.423 EPSV
< 2024-09-03 18:26:56.423 HOST
< 2024-09-03 18:26:56.423 LANG C.UTF-8*
< 2024-09-03 18:26:56.436 MDTM
< 2024-09-03 18:26:56.436 MFF modify;UNIX.group;UNIX.mode;
< 2024-09-03 18:26:56.436 MFMT
< 2024-09-03 18:26:56.436 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
< 2024-09-03 18:26:56.453 RANG STREAM
< 2024-09-03 18:26:56.453 REST STREAM
< 2024-09-03 18:26:56.453 SIZE
< 2024-09-03 18:26:56.453 TVFS
< 2024-09-03 18:26:56.453 UTF8
< 2024-09-03 18:26:56.453 211 End
2024-09-03 18:26:56.453 CLNT WinSCP-release-6.3.4
< 2024-09-03 18:26:56.486 200 OK
2024-09-03 18:26:56.486 OPTS UTF8 ON
< 2024-09-03 18:26:56.517 200 UTF8 set to on
. 2024-09-03 18:26:56.542 Connected
. 2024-09-03 18:26:56.548 --------------------------------------------------------------------------
. 2024-09-03 18:26:56.548 Using FTP protocol.
. 2024-09-03 18:26:56.548 Doing startup conversation with host.
2024-09-03 18:26:56.564 PWD
< 2024-09-03 18:26:56.627 257 “/” is the current directory
. 2024-09-03 18:26:56.627 Getting current directory name.
. 2024-09-03 18:26:56.673 Retrieving directory listing…
2024-09-03 18:26:56.673 TYPE A
< 2024-09-03 18:26:56.705 200 Type set to A
2024-09-03 18:26:56.745 PASV
< 2024-09-03 18:26:56.771 227 Entering Passive Mode (152,67,2,44,47,20)
2024-09-03 18:26:56.771 MLSD
. 2024-09-03 18:26:56.771 Connecting to 123.456.789.012:12052 …
. 2024-09-03 18:27:08.831 Data connection closed
. 2024-09-03 18:27:08.831
. 2024-09-03 18:27:23.178 Timeout detected. (control connection)
. 2024-09-03 18:27:23.178 Could not retrieve directory listing

  • 2024-09-03 18:27:23.352 (EFatal) Lost connection.
  • 2024-09-03 18:27:23.352 Timeout detected. (control connection)
  • 2024-09-03 18:27:23.352 Could not retrieve directory listing
  • 2024-09-03 18:27:23.352 Error listing directory ‘/’.
    . 2024-09-03 18:34:51.095 --------------------------------------------------------------------------
    . 2024-09-03 18:34:51.095 WinSCP Version 6.3.4 (Build 14955 2024-06-17) (OS 10.0.22631 – Windows 10 Enterprise)
    . 2024-09-03 18:34:51.095 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2
    . 2024-09-03 18:34:51.095 Log level: Debug 1
    . 2024-09-03 18:34:51.095 Local account: DGA-PERSONAL-PC\dga
    . 2024-09-03 18:34:51.095 Working directory: C:\Program Files (x86)\WinSCP
    . 2024-09-03 18:34:51.095 Process ID: 46488
    . 2024-09-03 18:34:51.095 Ancestor processes: explorer, …
    . 2024-09-03 18:34:51.095 Command-line: “C:\Program Files (x86)\WinSCP\WinSCP.exe”
    . 2024-09-03 18:34:51.095 Time zone: Current: GMT+5:30 (India Standard Time), No DST
    . 2024-09-03 18:34:51.095 Login time: 03 September 2024 18:34:51
    . 2024-09-03 18:34:51.095 --------------------------------------------------------------------------
    . 2024-09-03 18:34:51.095 Session name: [email protected] (Site)
    . 2024-09-03 18:34:51.095 Host name: 123.456.789.012 (Port: 21)
    . 2024-09-03 18:34:51.095 User name: user1_domain.com (Password: Yes, Key file: No, Passphrase: No)
    . 2024-09-03 18:34:51.095 Transfer Protocol: FTP
    . 2024-09-03 18:34:51.095 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
    . 2024-09-03 18:34:51.095 Disable Nagle: No
    . 2024-09-03 18:34:51.095 Proxy: None
    . 2024-09-03 18:34:51.095 Send buffer: 262144
    . 2024-09-03 18:34:51.095 UTF: Auto
    . 2024-09-03 18:34:51.095 FTPS: None [Client certificate: No]
    . 2024-09-03 18:34:51.095 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
    . 2024-09-03 18:34:51.095 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
    . 2024-09-03 18:34:51.095 Cache directory changes: Yes, Permanent: Yes
    . 2024-09-03 18:34:51.095 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
    . 2024-09-03 18:34:51.095 Timezone offset: 0h 0m
    . 2024-09-03 18:34:51.095 --------------------------------------------------------------------------
    . 2024-09-03 18:34:51.134 Session upkeep
    . 2024-09-03 18:34:51.269 Connecting to 123.456.789.012 …
    . 2024-09-03 18:34:51.269 Connected with 123.456.789.012. Waiting for welcome message…
    < 2024-09-03 18:34:51.269 220 FTP Server ready.

2024-09-03 18:34:51.269 USER user1_domain.com
< 2024-09-03 18:34:51.285 331 Password required for user1_domain.com
2024-09-03 18:34:51.285 PASS ****************
< 2024-09-03 18:34:51.364 230 User user1_domain.com logged in
2024-09-03 18:34:51.364 SYST
< 2024-09-03 18:34:51.397 215 UNIX Type: L8
2024-09-03 18:34:51.397 FEAT
< 2024-09-03 18:34:51.474 211-Features:
< 2024-09-03 18:34:51.474 CLNT
< 2024-09-03 18:34:51.474 EPRT
< 2024-09-03 18:34:51.474 EPSV
< 2024-09-03 18:34:51.474 HOST
< 2024-09-03 18:34:51.474 LANG C.UTF-8*
< 2024-09-03 18:34:51.474 MDTM
< 2024-09-03 18:34:51.474 MFF modify;UNIX.group;UNIX.mode;
< 2024-09-03 18:34:51.474 MFMT
< 2024-09-03 18:34:51.474 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
< 2024-09-03 18:34:51.474 RANG STREAM
< 2024-09-03 18:34:51.474 REST STREAM
< 2024-09-03 18:34:51.474 SIZE
< 2024-09-03 18:34:51.474 TVFS
< 2024-09-03 18:34:51.474 UTF8
< 2024-09-03 18:34:51.474 211 End
2024-09-03 18:34:51.474 CLNT WinSCP-release-6.3.4
< 2024-09-03 18:34:51.507 200 OK
2024-09-03 18:34:51.507 OPTS UTF8 ON
< 2024-09-03 18:34:51.538 200 UTF8 set to on
. 2024-09-03 18:34:51.553 Session upkeep
. 2024-09-03 18:34:51.562 Connected
. 2024-09-03 18:34:51.562 Got reply 1 to the command 1
. 2024-09-03 18:34:51.562 --------------------------------------------------------------------------
. 2024-09-03 18:34:51.569 Using FTP protocol.
. 2024-09-03 18:34:51.569 Doing startup conversation with host.
2024-09-03 18:34:51.600 PWD
< 2024-09-03 18:34:51.633 257 “/” is the current directory
. 2024-09-03 18:34:51.633 Got reply 1 to the command 16
. 2024-09-03 18:34:51.633 Getting current directory name.
. 2024-09-03 18:34:51.696 Retrieving directory listing…
2024-09-03 18:34:51.696 TYPE A
< 2024-09-03 18:34:51.727 200 Type set to A
2024-09-03 18:34:51.774 PASV
< 2024-09-03 18:34:51.806 227 Entering Passive Mode (152,67,2,44,47,54)
2024-09-03 18:34:51.806 MLSD
. 2024-09-03 18:34:51.806 Connecting to 123.456.789.012:12086 …
. 2024-09-03 18:34:55.821 Data connection closed
. 2024-09-03 18:34:55.821
. 2024-09-03 18:35:10.189 Timeout detected. (control connection)
. 2024-09-03 18:35:10.189 Could not retrieve directory listing
. 2024-09-03 18:35:10.189 Got reply 1004 to the command 2

  • 2024-09-03 18:35:10.284 (EFatal) Lost connection.
  • 2024-09-03 18:35:10.284 Timeout detected. (control connection)
  • 2024-09-03 18:35:10.284 Could not retrieve directory listing
  • 2024-09-03 18:35:10.284 Error listing directory ‘/’.
    . 2024-09-03 18:35:19.515 Session upkeep
    . 2024-09-03 18:35:19.645 Connecting to 123.456.789.012 …
    . 2024-09-03 18:35:19.645 Connected with 123.456.789.012. Waiting for welcome message…
    < 2024-09-03 18:35:19.668 220 FTP Server ready.

2024-09-03 18:35:19.668 USER user1_domain.com
< 2024-09-03 18:35:19.705 331 Password required for user1_domain.com
2024-09-03 18:35:19.705 PASS ****************
< 2024-09-03 18:35:19.796 230 User user1_domain.com logged in
2024-09-03 18:35:19.796 SYST
< 2024-09-03 18:35:19.843 215 UNIX Type: L8
2024-09-03 18:35:19.843 FEAT
< 2024-09-03 18:35:19.874 211-Features:
< 2024-09-03 18:35:19.874 CLNT
< 2024-09-03 18:35:19.874 EPRT
< 2024-09-03 18:35:19.874 EPSV
< 2024-09-03 18:35:19.874 HOST
< 2024-09-03 18:35:19.874 LANG C.UTF-8*
< 2024-09-03 18:35:19.874 MDTM
< 2024-09-03 18:35:19.874 MFF modify;UNIX.group;UNIX.mode;
< 2024-09-03 18:35:19.881 MFMT
< 2024-09-03 18:35:19.881 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
< 2024-09-03 18:35:19.881 RANG STREAM
< 2024-09-03 18:35:19.881 REST STREAM
< 2024-09-03 18:35:19.881 SIZE
< 2024-09-03 18:35:19.882 TVFS
< 2024-09-03 18:35:19.882 UTF8
< 2024-09-03 18:35:19.882 211 End
2024-09-03 18:35:19.882 CLNT WinSCP-release-6.3.4
< 2024-09-03 18:35:19.918 200 OK
2024-09-03 18:35:19.919 OPTS UTF8 ON
< 2024-09-03 18:35:19.949 200 UTF8 set to on
. 2024-09-03 18:35:19.998 Connected
. 2024-09-03 18:35:19.998 Got reply 1 to the command 1
. 2024-09-03 18:35:20.003 Doing startup conversation with host.
2024-09-03 18:35:20.032 PWD
< 2024-09-03 18:35:20.075 257 “/” is the current directory
. 2024-09-03 18:35:20.075 Got reply 1 to the command 16
. 2024-09-03 18:35:20.075 Getting current directory name.
. 2024-09-03 18:35:20.075 Session upkeep
. 2024-09-03 18:35:20.174 Retrieving directory listing…
2024-09-03 18:35:20.175 TYPE A
< 2024-09-03 18:35:20.209 200 Type set to A
2024-09-03 18:35:20.265 PASV
< 2024-09-03 18:35:20.431 227 Entering Passive Mode (152,67,2,44,47,25)
2024-09-03 18:35:20.431 MLSD
. 2024-09-03 18:35:20.431 Connecting to 123.456.789.012:12057 …
. 2024-09-03 18:35:24.452 Data connection closed
. 2024-09-03 18:35:24.452
. 2024-09-03 18:35:39.225 Timeout detected. (control connection)
. 2024-09-03 18:35:39.225 Could not retrieve directory listing
. 2024-09-03 18:35:39.225 Got reply 1004 to the command 2

  • 2024-09-03 18:35:39.325 (EFatal) Lost connection.
  • 2024-09-03 18:35:39.325 Timeout detected. (control connection)
  • 2024-09-03 18:35:39.329 Could not retrieve directory listing
  • 2024-09-03 18:35:39.329 Error listing directory ‘/’.
    . 2024-09-03 18:35:48.624 Session upkeep
    . 2024-09-03 18:35:48.780 Connecting to 123.456.789.012 …
    . 2024-09-03 18:35:48.780 Connected with 123.456.789.012. Waiting for welcome message…
    < 2024-09-03 18:35:48.780 220 FTP Server ready.

2024-09-03 18:35:48.782 USER user1_domain.com
< 2024-09-03 18:35:48.788 331 Password required for user1_domain.com
2024-09-03 18:35:48.788 PASS ****************
< 2024-09-03 18:35:48.874 230 User user1_domain.com logged in
2024-09-03 18:35:48.874 SYST
< 2024-09-03 18:35:48.911 215 UNIX Type: L8
2024-09-03 18:35:48.911 FEAT
< 2024-09-03 18:35:48.946 211-Features:
< 2024-09-03 18:35:48.946 CLNT
< 2024-09-03 18:35:48.946 EPRT
< 2024-09-03 18:35:48.946 EPSV
< 2024-09-03 18:35:48.947 HOST
< 2024-09-03 18:35:48.947 LANG C.UTF-8*
< 2024-09-03 18:35:48.947 MDTM
< 2024-09-03 18:35:48.947 MFF modify;UNIX.group;UNIX.mode;
< 2024-09-03 18:35:48.947 MFMT
< 2024-09-03 18:35:48.947 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
< 2024-09-03 18:35:48.947 RANG STREAM
< 2024-09-03 18:35:48.947 REST STREAM
< 2024-09-03 18:35:48.947 SIZE
< 2024-09-03 18:35:48.947 TVFS
< 2024-09-03 18:35:48.948 UTF8
< 2024-09-03 18:35:48.948 211 End
2024-09-03 18:35:48.948 CLNT WinSCP-release-6.3.4
< 2024-09-03 18:35:48.980 200 OK
2024-09-03 18:35:48.980 OPTS UTF8 ON
< 2024-09-03 18:35:49.014 200 UTF8 set to on
. 2024-09-03 18:35:49.014 Session upkeep
. 2024-09-03 18:35:49.078 Connected
. 2024-09-03 18:35:49.078 Got reply 1 to the command 1
. 2024-09-03 18:35:49.078 Doing startup conversation with host.
2024-09-03 18:35:49.110 PWD
< 2024-09-03 18:35:49.147 257 “/” is the current directory
. 2024-09-03 18:35:49.156 Got reply 1 to the command 16
. 2024-09-03 18:35:49.156 Getting current directory name.
. 2024-09-03 18:35:49.208 Retrieving directory listing…
2024-09-03 18:35:49.208 TYPE A
< 2024-09-03 18:35:49.242 200 Type set to A
2024-09-03 18:35:49.289 PASV
< 2024-09-03 18:35:49.322 227 Entering Passive Mode (152,67,2,44,47,28)
2024-09-03 18:35:49.322 MLSD
. 2024-09-03 18:35:49.322 Connecting to 123.456.789.012:12060 …
. 2024-09-03 18:35:53.342 Data connection closed
. 2024-09-03 18:35:53.342
. 2024-09-03 18:36:08.352 Timeout detected. (control connection)
. 2024-09-03 18:36:08.352 Could not retrieve directory listing
. 2024-09-03 18:36:08.352 Got reply 1004 to the command 2

  • 2024-09-03 18:36:08.540 (EFatal) Lost connection.
  • 2024-09-03 18:36:08.540 Timeout detected. (control connection)
  • 2024-09-03 18:36:08.540 Could not retrieve directory listing
  • 2024-09-03 18:36:08.540 Error listing directory ‘/’.
    . 2024-09-03 18:37:55.723 --------------------------------------------------------------------------
    . 2024-09-03 18:37:55.723 WinSCP Version 6.3.4 (Build 14955 2024-06-17) (OS 10.0.22631 – Windows 10 Enterprise)
    . 2024-09-03 18:37:55.723 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2
    . 2024-09-03 18:37:55.723 Log level: Debug 1
    . 2024-09-03 18:37:55.723 Local account: DGA-PERSONAL-PC\dga
    . 2024-09-03 18:37:55.723 Working directory: C:\Program Files (x86)\WinSCP
    . 2024-09-03 18:37:55.723 Process ID: 46488
    . 2024-09-03 18:37:55.723 Ancestor processes: explorer, …
    . 2024-09-03 18:37:55.728 Command-line: “C:\Program Files (x86)\WinSCP\WinSCP.exe”
    . 2024-09-03 18:37:55.728 Time zone: Current: GMT+5:30 (India Standard Time), No DST
    . 2024-09-03 18:37:55.728 Login time: 03 September 2024 18:37:55
    . 2024-09-03 18:37:55.728 --------------------------------------------------------------------------
    . 2024-09-03 18:37:55.728 Session name: [email protected] (Site)
    . 2024-09-03 18:37:55.728 Host name: 123.456.789.012 (Port: 21)
    . 2024-09-03 18:37:55.728 User name: user1_domain.com (Password: Yes, Key file: No, Passphrase: No)
    . 2024-09-03 18:37:55.728 Transfer Protocol: FTP
    . 2024-09-03 18:37:55.728 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
    . 2024-09-03 18:37:55.728 Disable Nagle: No
    . 2024-09-03 18:37:55.728 Proxy: None
    . 2024-09-03 18:37:55.728 Send buffer: 262144
    . 2024-09-03 18:37:55.728 UTF: Auto
    . 2024-09-03 18:37:55.728 FTPS: None [Client certificate: No]
    . 2024-09-03 18:37:55.728 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
    . 2024-09-03 18:37:55.728 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
    . 2024-09-03 18:37:55.728 Cache directory changes: Yes, Permanent: Yes
    . 2024-09-03 18:37:55.728 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
    . 2024-09-03 18:37:55.728 Timezone offset: 0h 0m
    . 2024-09-03 18:37:55.728 --------------------------------------------------------------------------
    . 2024-09-03 18:37:55.766 Session upkeep
    . 2024-09-03 18:37:55.939 Connecting to 123.456.789.012 …
    . 2024-09-03 18:37:55.939 Connected with 123.456.789.012. Waiting for welcome message…
    < 2024-09-03 18:37:55.939 220 FTP Server ready.

2024-09-03 18:37:55.939 USER user1_domain.com
< 2024-09-03 18:37:55.939 331 Password required for user1_domain.com
2024-09-03 18:37:55.939 PASS ****************
< 2024-09-03 18:37:56.008 230 User user1_domain.com logged in
2024-09-03 18:37:56.008 SYST
< 2024-09-03 18:37:56.043 215 UNIX Type: L8
2024-09-03 18:37:56.043 FEAT
< 2024-09-03 18:37:56.073 211-Features:
< 2024-09-03 18:37:56.073 CLNT
< 2024-09-03 18:37:56.073 EPRT
< 2024-09-03 18:37:56.078 EPSV
< 2024-09-03 18:37:56.078 HOST
< 2024-09-03 18:37:56.078 LANG C.UTF-8*
< 2024-09-03 18:37:56.078 MDTM
< 2024-09-03 18:37:56.078 MFF modify;UNIX.group;UNIX.mode;
< 2024-09-03 18:37:56.078 MFMT
< 2024-09-03 18:37:56.078 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
< 2024-09-03 18:37:56.078 RANG STREAM
< 2024-09-03 18:37:56.078 REST STREAM
< 2024-09-03 18:37:56.078 SIZE
< 2024-09-03 18:37:56.078 TVFS
< 2024-09-03 18:37:56.078 UTF8
< 2024-09-03 18:37:56.078 211 End
2024-09-03 18:37:56.078 CLNT WinSCP-release-6.3.4
< 2024-09-03 18:37:56.109 200 OK
2024-09-03 18:37:56.109 OPTS UTF8 ON
< 2024-09-03 18:37:56.137 200 UTF8 set to on
. 2024-09-03 18:37:56.137 Session upkeep
. 2024-09-03 18:37:56.206 Connected
. 2024-09-03 18:37:56.206 Got reply 1 to the command 1
. 2024-09-03 18:37:56.206 --------------------------------------------------------------------------
. 2024-09-03 18:37:56.206 Using FTP protocol.
. 2024-09-03 18:37:56.208 Doing startup conversation with host.
2024-09-03 18:37:56.232 PWD
< 2024-09-03 18:37:56.270 257 “/” is the current directory
. 2024-09-03 18:37:56.270 Got reply 1 to the command 16
. 2024-09-03 18:37:56.270 Getting current directory name.
. 2024-09-03 18:37:56.343 Retrieving directory listing…
2024-09-03 18:37:56.343 TYPE A
< 2024-09-03 18:37:56.373 200 Type set to A
2024-09-03 18:37:56.415 PASV
< 2024-09-03 18:37:56.451 227 Entering Passive Mode (152,67,2,44,47,8)
2024-09-03 18:37:56.453 MLSD
. 2024-09-03 18:37:56.453 Connecting to 123.456.789.012:12040 …
. 2024-09-03 18:38:00.494 Data connection closed
. 2024-09-03 18:38:00.494
. 2024-09-03 18:38:15.779 Timeout detected. (control connection)
. 2024-09-03 18:38:15.779 Could not retrieve directory listing
. 2024-09-03 18:38:15.779 Got reply 1004 to the command 2

  • 2024-09-03 18:38:15.936 (EFatal) Lost connection.
  • 2024-09-03 18:38:15.936 Timeout detected. (control connection)
  • 2024-09-03 18:38:15.936 Could not retrieve directory listing
  • 2024-09-03 18:38:15.936 Error listing directory ‘/’.

The all results for ```
cat /etc/proftpd/proftpd.log


Also, the iptables rules:

iptables -S
iptables -S -t nat


are here as:

root@hcp:~# cat /etc/proftpd/proftpd.log
cat: /etc/proftpd/proftpd.log: No such file or directory
root@hcp:~# iptables -S
iptables -S -t nat
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N InstanceServices
-N fail2ban-HESTIA
-N fail2ban-MAIL
-N fail2ban-RECIDIVE
-N fail2ban-SSH
-N fail2ban-WEB
-N hestia
-A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-WEB
-A INPUT -p tcp -m tcp --dport 2083 -j fail2ban-HESTIA
-A INPUT -p tcp -m multiport --dports 25,465,587,110,995,143,993 -j fail2ban-MAI                                                L
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
-A INPUT -p tcp -m multiport --dports 1:65535 -j fail2ban-RECIDIVE
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.0.0.40/32 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 20,21,12000:12100 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 25,465,587 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 110,995 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 143,993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2083 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -d 169.254.0.0/16 -j InstanceServices
-A OUTPUT -d 169.254.0.0/16 -j InstanceServices
-A OUTPUT -d 169.254.0.0/16 -j InstanceServices
-A OUTPUT -d 169.254.0.0/16 -j InstanceServices
-A OUTPUT -d 169.254.0.0/16 -j InstanceServices
-A OUTPUT -d 169.254.0.0/16 -j InstanceServices
-A OUTPUT -d 169.254.0.0/16 -j InstanceServices
-A OUTPUT -d 169.254.0.0/16 -j InstanceServices
-A InstanceServices -d 169.254.0.2/32 -p tcp -m owner --uid-owner 0 -m tcp --dpo                                                rt 3260 -m comment --comment "See the Oracle-Provided Images section in the Orac                                                le Cloud Infrastructure documentation for security impact of modifying or removi                                                ng this rule" -j ACCEPT
-A InstanceServices -d 169.254.2.0/24 -p tcp -m owner --uid-owner 0 -m tcp --dpo                                                rt 3260 -m comment --comment "See the Oracle-Provided Images section in the Orac                                                le Cloud Infrastructure documentation for security impact of modifying or removi                                                ng this rule" -j ACCEPT
-A InstanceServices -d 169.254.4.0/24 -p tcp -m owner --uid-owner 0 -m tcp --dpo                                                rt 3260 -m comment --comment "See the Oracle-Provided Images section in the Orac                                                le Cloud Infrastructure documentation for security impact of modifying or removi                                                ng this rule" -j ACCEPT
-A InstanceServices -d 169.254.5.0/24 -p tcp -m owner --uid-owner 0 -m tcp --dpo                                                rt 3260 -m comment --comment "See the Oracle-Provided Images section in the Orac                                                le Cloud Infrastructure documentation for security impact of modifying or removi                                                ng this rule" -j ACCEPT
-A InstanceServices -d 169.254.0.2/32 -p tcp -m tcp --dport 80 -m comment --comm                                                ent "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure d                                                ocumentation for security impact of modifying or removing this rule" -j ACCEPT
-A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 53 -m comment --                                                comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructu                                                re documentation for security impact of modifying or removing this rule" -j ACCE                                                PT
-A InstanceServices -d 169.254.169.254/32 -p tcp -m tcp --dport 53 -m comment --                                                comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructu                                                re documentation for security impact of modifying or removing this rule" -j ACCE                                                PT
-A InstanceServices -d 169.254.0.3/32 -p tcp -m owner --uid-owner 0 -m tcp --dpo                                                rt 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle                                                 Cloud Infrastructure documentation for security impact of modifying or removing                                                 this rule" -j ACCEPT
-A InstanceServices -d 169.254.0.4/32 -p tcp -m tcp --dport 80 -m comment --comm                                                ent "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure d                                                ocumentation for security impact of modifying or removing this rule" -j ACCEPT
-A InstanceServices -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -m comment --                                                comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructu                                                re documentation for security impact of modifying or removing this rule" -j ACCE                                                PT
-A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 67 -m comment --                                                comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructu                                                re documentation for security impact of modifying or removing this rule" -j ACCE                                                PT
-A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 69 -m comment --                                                comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructu                                                re documentation for security impact of modifying or removing this rule" -j ACCE                                                PT
-A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 123 -m comment -                                                -comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastruct                                                ure documentation for security impact of modifying or removing this rule" -j ACC                                                EPT
-A InstanceServices -d 169.254.0.0/16 -p tcp -m tcp -m comment --comment "See th                                                e Oracle-Provided Images section in the Oracle Cloud Infrastructure documentatio                                                n for security impact of modifying or removing this rule" -j REJECT --reject-wit                                                h tcp-reset
-A InstanceServices -d 169.254.0.0/16 -p udp -m udp -m comment --comment "See th                                                e Oracle-Provided Images section in the Oracle Cloud Infrastructure documentatio                                                n for security impact of modifying or removing this rule" -j REJECT --reject-wit                                                h icmp-port-unreachable
-A fail2ban-HESTIA -j RETURN
-A fail2ban-MAIL -s 194.169.175.65/32 -j REJECT --reject-with icmp-port-unreacha                                                ble
-A fail2ban-MAIL -j RETURN
-A fail2ban-RECIDIVE -j RETURN
-A fail2ban-SSH -j RETURN
-A fail2ban-WEB -j RETURN
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
root@hcp:~#

Sorry, my bad, it isn’t log it’s conf.

cat /etc/proftpd/proftpd.conf

But checking the session log, seems it is using the right public ip when entering in passive mode so that means that Oracle is not redirecting ports from 12000 to 12100 to your server and that is the reason for the timeout. I would double check the firewall in Oracle Control Panel.

1 Like

Thanks

Problem Solved, it is from my OCI console.

Now I could connected FTP.

:slightly_smiling_face:

2 Likes