Pure-FTPD - ECONNRESET - Connection reset by peer

Hello,

I have a problem connecting to Pure-FTPD.
My NAT rules:
Code:
IP_PUB="37.187.97.151"
IP_JAIL="192.168.0.1"
NET_JAIL="192.168.0.0/24"
PORT_JAIL="{21,80,113,6667,5555,30000:50000}"


{...}

# pass in

 block drop out log (all) quick on $ext_if from any to $martians

 pass in on $ext_if proto tcp from any to any port 22   $tcpstate $stossh

# pass for jail ports
 pass in on $ext_if proto tcp from any to $IP_JAIL port 5555 $tcpstate $stossh
 pass in on $ext_if proto tcp from any to $IP_JAIL port 80 $tcpstate $stowww
 pass in on $ext_if proto tcp from any to $IP_JAIL port {20,21,113,6667,30000:50000} $tcpstate
 pass in on $ext_if proto udp from any to $IP_JAIL port 9987 $udpstate

Code:
Status:   Łączenie z 37.187.97.151:21...
Status:   Połączenie nawiązanie, oczekiwanie na wiadomość powitalną...
Odpowiedź   220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Odpowiedź   220-You are user number 1 of 50 allowed.
Odpowiedź   220-Local time is now 09:10. Server port: 21.
Odpowiedź   220 You will be disconnected after 15 minutes of inactivity.
Polecenie:   USER bryn1u
Odpowiedź   331 User bryn1u OK. Password required
Polecenie:   PASS ************
Odpowiedź   230 OK. Current restricted directory is /
Polecenie:   SYST
Odpowiedź   215 UNIX Type: L8
Polecenie:   FEAT
Odpowiedź   211-Extensions supported:
Odpowiedź    EPRT
Odpowiedź    IDLE
Odpowiedź    MDTM
Odpowiedź    SIZE
Odpowiedź    MFMT
Odpowiedź    REST STREAM
Odpowiedź    MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Odpowiedź    MLSD
Odpowiedź    AUTH TLS
Odpowiedź    PBSZ
Odpowiedź    PROT
Odpowiedź    UTF8
Odpowiedź    ESTA
Odpowiedź    PASV
Odpowiedź    EPSV
Odpowiedź    SPSV
Odpowiedź   211 End.
Polecenie:   OPTS UTF8 ON
Odpowiedź   200 OK, UTF-8 enabled
Status:   Połączono
Status:   Uzyskiwanie listy katalogów...
Polecenie:   PWD
Odpowiedź   257 "/" is your current location
Polecenie:   TYPE I
Odpowiedź   200 TYPE is now 8-bit binary
Polecenie:   PASV
Error:   Can't read from socket: ECONNRESET - Connection reset by peer
Error:   Disconnected from server
Error:   Couldn't get list directory

And I don't know what to do. I was looking for some solutions but found nothing.

Regards,
 
Ehh, I was reading your link. I think I have done everything correctly. If I remember correctly, this configuration worked before. I have opened the passive range ports, set up redirection, and pure-ftpd is configured well. I still don't know why it's not working :(

Code:
# Port range for passive connections replies. - for firewalling.

 PassivePortRange          30000 50000



# Force an IP address in PASV/EPSV/SPSV replies. - for NAT.
# Symbolic host names are also accepted for gateways with dynamic IP
# addresses.

 ForcePassiveIP                192.168.0.1



# Upload/download ratio for anonymous users.

# AnonymousRatio                1 10



# Upload/download ratio for all users.
# This directive supersedes the previous one.

# UserRatio                 1 10



# Disallow downloading of files owned by "ftp", ie.
# files that were uploaded but not validated by a local admin.

AntiWarez                   yes



# IP address/port to listen to (default=all IP and port 21).

 Bind                      127.0.0.1,21
 
I'm not familiar with your FTP daemon, and perhaps this is a very basic tip, but does your firewall return some error messages that could give you a hint? The rules need to be set in a specific way so error messages can be generated. Also, can the system run with the firewall turned off? This may help you isolate the problem, daemon or firewall related.
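
A consistency check over the settings posted in this thread, as an added example that is not part of any post: it parses the pure-ftpd.conf excerpt and compares the passive-mode directives against the public address and port range from the pf macros. The function names are hypothetical, and a reported mismatch is a lead to examine, not a confirmed cause of the reset.

```python
import ipaddress

# Values copied from the thread (pf macros and the pure-ftpd.conf excerpt).
IP_PUB = "37.187.97.151"
PF_PASSIVE_RANGE = (30000, 50000)   # "30000:50000" in the pass rule
CONF = """\
# Port range for passive connections replies. - for firewalling.
 PassivePortRange          30000 50000
# Force an IP address in PASV/EPSV/SPSV replies. - for NAT.
 ForcePassiveIP                192.168.0.1
# UserRatio                 1 10
 Bind                      127.0.0.1,21
"""

def parse_conf(text):
    """Return {directive: value} for active (non-comment) lines."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        conf[key] = value.strip()
    return conf

def check_passive(conf, public_ip, fw_range):
    """List mismatches between the daemon's passive settings and the NAT/firewall side."""
    findings = []
    forced = conf.get("ForcePassiveIP")
    if forced:
        try:
            addr = ipaddress.ip_address(forced)
        except ValueError:
            addr = None  # symbolic host name: not resolved in this offline check
        if addr is not None and addr.is_private and forced != public_ip:
            findings.append(f"ForcePassiveIP {forced} is private; clients connect to {public_ip}")
    rng = conf.get("PassivePortRange")
    if rng:
        low, high = (int(p) for p in rng.split())
        if low < fw_range[0] or high > fw_range[1]:
            findings.append(f"PassivePortRange {low}-{high} exceeds firewall range "
                            f"{fw_range[0]}-{fw_range[1]}")
    return findings

if __name__ == "__main__":
    for finding in check_passive(parse_conf(CONF), IP_PUB, PF_PASSIVE_RANGE):
        print("MISMATCH:", finding)
```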
 