Vsftpd 227 Entering Passive Mode ftp: connect: Connection refused

zjose088 · June 9, 2024, 4:51pm

Hello, I have a problem that seems strange to me because I cannot connect to FTP using linux commands, nor can I connect using PHP, but it works normally from Windows with FileZilla.

1.- Since php connects correctly with the user data, it correctly activates passive mode and then does not show the files, giving the following error:

Warning: ftp_nlist(): php_connect_nonb() failed: Operation now in progress (115).

2.- From the linux commands:

ftp -p test.test.com 21
Connected to test.test.com
220 Welcome! Please note that all activity is logged.
Name (test.test.com:root): test
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (xxx,xxx,xxx,176,47,67).
ftp: connect: Connection refused.

Hello, I had this problem but I had not paid attention to it. Since yesterday I have wanted to solve it and I still can’t, for this example I rented a vps server from hetzner (ubuntu 22.04) and made a new, clean installation with the following command:

sudo bash hst-install.sh --apache no --phpfpm yes --multiphp no --vsftpd yes --proftpd no --named yes --mysql yes --mysql-classic no --postgresql no --exim no - -dovecot no --sieve no --clamav no --spamassassin no --iptables yes --fail2ban yes --quota no --api yes --interactive yes --with-debs no --port ‘8083’ --hostname ‘test.test.com’ --email '[email protected] --password ‘asdaseregeasd’ --lang ‘en’

It seems like a firewall problem but the IP addresses are on the white list of both servers, the default installation has everything related to the correct functioning of FTP in passive mode active. So I don’t understand why it could be blocking me. Because from Filezilla everything works fine.

I have to try using proftpd instead of vsftpd and see if something is different.

sahsanu · June 9, 2024, 4:58pm

Hi @zjose088,

Could you please show the output of these commands?

v-list-firewall
v-list-firewall-ban
iptables -S

zjose088 · June 9, 2024, 5:49pm

Hi, of course.

root@test:~# v-list-firewall
RULE  ACTION  PROTO  PORT            IP         SPND  DATE
----  ------  -----  ----            --         ----  ----
1     ACCEPT  ICMP   0               0.0.0.0/0  no    2014-09-16
2     ACCEPT  TCP    8083            0.0.0.0/0  no    2014-05-25
6     ACCEPT  TCP    53              0.0.0.0/0  no    2014-05-25
7     ACCEPT  UDP    53              0.0.0.0/0  no    2014-05-25
8     ACCEPT  TCP    21,12000-12100  0.0.0.0/0  no    2014-05-25
9     ACCEPT  TCP    80,443          0.0.0.0/0  no    2014-09-24
10    ACCEPT  TCP    22              0.0.0.0/0  no    2014-09-16

root@test:~# v-list-firewall-ban
cat: /usr/local/hestia/data/firewall/banlist.conf: No such file or directory
IP  CHAIN  TIME  DATE
--  -----  ----  ----

sahsanu · June 9, 2024, 8:14pm

I see no problem. Are you sure there are no rules blocking outbound ports from 12000 to 12100 from those machines were you are performing the connection to your server?

zjose088 · June 11, 2024, 6:41pm

Yes, the ports are open, I tried with the firewalls disabled, I tried removing the Hetzner firewall, I don’t know why it happens, I’m going to try, creating 2 new and clean hestiascp installations, and I will try to connect them together ftp / php.

I want to know where the problem is.

sahsanu · June 11, 2024, 7:58pm

If you give me access to your ftp (you could send me a private message with the details), I could try to connect from my side.