I’m having troubles connecting to a virtualhost with FTP.
The FTP client (tried wWINscp, filezilla, windows explorer and CurlFtpFS) does connect;
and the log confirms it:
> > Fri Oct 7 18:02:19 2016 [pid 10612] CONNECT: Client "10.0.0.xxx"
> > Fri Oct 7 18:02:19 2016 [pid 10611] [repo] OK LOGIN: Client "10.0.0.xxx"
> > Fri Oct 7 18:02:39 2016 [pid 10615] CONNECT: Client "10.0.0.85"
> > Fri Oct 7 18:02:39 2016 [pid 10614] [repo] OK LOGIN: Client "10.0.0.xxx"
In general the FTP client complains about retrieving a file list, Filezilla’s client log:
Status: Resolving address of repo.xxxxxxx.lan
Status: Connecting to 10.0.0.xxx:21...
Status: Connection established, waiting for welcome message...
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/"
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PASV
Response: 227 Entering Passive Mode (10,0,0,36,120,220).
Command: LIST
Error: The data connection could not be established: ECONNREFUSED - Connection refused by server
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Thinking about this: how does the FTP sever know which virtual host should connected to?
Does it only serve (like web-dav) the files granted access to by user/password?
Reproduced.
Passive ftp do not work, the firewall blocks the incoming connection.
Workaround: use active ftp.
I’ll continue to investigate and let you know.
EDIT: It seems that we need to define the ftp helper. I added the following line to /etc/shorewall/rules to enable passive mode ftp: FTP(HELPER) loc -
Source: http://www.shorewall.org/FTP.html