DSM-G600, DNS-3xx and NSA-220 Hack Forum

xibit · 2008-02-09 17:15:24

Hi all.

Can someone help me to enable fxp in my dns-323 i have tried to edit my ftpaccess file with:

port-allow newclass 0.0.0.0/0
pasv-allow newclass 0.0.0.0/0

but that dont help. With my org fw (1.03) it worked but dont want to go back to that version i got more stable network with 1.04.

Hope someone can help me with this...

Regards: xibit

jules · 2008-02-09 23:34:35

You also need to define that "newclass" as shown not so clearly here: http://help.globalscape.com/help/cuteft … or_fxp.htm

I was searching the same thing for my CH3SNAS that uses pure-ftpd server; in this case only a -w option is needed. In the process list, the ftp server is listed as pure-ftpd (SERVER), so its impossible to know the set of option used in the call at boot using the list.
I've searched for a script (e.g. /etc/rc.sh) with a call to the ftp daemon with no luck... any suggestions?

bodbod · 2008-12-13 14:14:22

There is maybe an option to add in the config file in the /etc/pure-ftpd.conf file

When you edit it, you have the following options already setup depending of what you did via the web interface :

### Pure-ftpd configure ###
Version = "1.00"
Status = "start"
MaxClientsNumber = "4"
MaxIdleTime = "10"
Port = "21"
FlowControl = "0"
FileSystemCharset = "ISO8859-1"
ClientCharset = "ISO8859-1"

if somebody has a clue, you are welcome to help us !

cheers

OneArmedMan · 2008-12-14 04:39:08

this page: http://www.awk-scripting.de/cluster/fxp … on.html#M4

suggests the following "Set "AllowUserFXP" to "yes" in pure-ftpd.conf."
If that option does not exist in your config file, you may need to add it.

this page : http://download.pureftpd.org/pub/pure-ftpd/doc/README

suggests a command line switch of "-w" will enable FXP for authenticated users and "-W" will enable FXP for all users

bodbod · 2008-12-14 19:54:52

Yeah I saw that but even if my new conf file is like above, I still have issues with the fxp

Code:

### Pure-ftpd configure ###
Version = "1.00"
Status = "start"
MaxClientsNumber = "4"
MaxIdleTime = "10"
BrokenClientsCompatibility = "yes"
PassivePortRange = "4000:4010"
ForcePassiveIP = "localIpOfMyDns-323"
AllowUserFXP = "yes" 
Port = "21"
FlowControl = "0"
FileSystemCharset = "ISO8859-1"
ClientCharset = "ISO8859-1"

when i try to fxp, i have this message logged on my ftp client : 501 Sorry, but I won't connect to ports < 1024

Code:

[L] 150 Opening ASCII mode data connection for /bin/ls.
[L] 226 Transfer complete.
[L] List Complete: 242 bytes in 1.01 seconds (0.2 KB/s)
[L] TYPE I
[L] 200 Type set to I.
[R] TYPE I
[R] 200 TYPE is now 8-bit binary
[L] MODE S
[L] 200 MODE S ok.
[L] PASV
[L] 227 Entering Passive Mode (XXX,XXX,XXX,XXX,0,25)
[R] PORT XXX,XXX,XXX,XXX,0,25
[R] 501 Sorry, but I won't connect to ports < 1024
[R] ABOR
[R] 500 ?
[L] ABOR
[L] 226 ABOR command successful.

Then by searching a bit on this issue, I read that I should disable the NAT option in the config of my router, thing I did
Therefore, I have as well routed the passive ports to the ftp server on the router but still.

On this forum, some people are saying that this pure-ftpd.conf file is not read by the soft but is used only for the webinterface of the dns-323 and the ftp should be run by a direct command

I just need to work on it a bit :

the base of the command would be like this :

/usr/bin/pure-ftpd -c <max users> -I <timeout> -P <IP> -p <low passive range:high passive range> -S <Port>

so applied to my case :

/usr/bin/pure-ftpd -w -c 10 -I 15 -P XXX.XXX.XXX.XXX -p 4000:4010 -S 21

here are a bunch of commands you can add :

Code:

-4  --ipv4only
-a  --trustedgid            <gid>
-A  --chrooteveryone    
-b  --brokenclientscompatibility    
-B  --daemonize 
-c  --maxclientsnumber      <number>
-C  --maxclientsperip       <number>
-d  --verboselog    
-D  --displaydotfiles   
-e  --anonymousonly 
-E  --noanonymous   
-f  --syslogfacility        <facility>
-F  --fortunesfile          <file>
-g  --pidfile               <path to pid file>
-G  --norename
-h  --help  
-H  --dontresolve   
-i  --anonymouscantupload
-I  --maxidletime           <time (min)>
-j  --createhomedir
-k  --maxdiskusagepct       <percentage>
-K  --keepallfiles
-l  --login                 <auth> or <auth>:<config file>
-L  --limitrecursion        <number:number>
-m  --maxload               <load>
-M  --anonymouscancreatedirs    
-N  --natmode
-o  --uploadscript
-O  --altlog                <format>:<log file>
-p  --passiveportrange      <minport:maxport>
-P  --forcepassiveip        <ip address>
-q  --anonymousratio        <upload ratio>:<download ratio>
-Q  --userratio             <upload ratio>:<download ratio>
-r  --autorename
-R  --nochmod
-s  --antiwarez 
-S  --bind                  <ip address,port>
-t  --anonymousbandwidth    <bandwidth (Kb/s)>
-T  --userbandwidth         <bandwidth (Kb/s)> or [<up bw>]:[<down bw>]
-u  --minuid                <uid>
-U  --umask                 <mask>
-V  --trustedip             <ip address>
-w  --allowuserfxp  
-W  --allowanonymousfxp
-x  --prohibitdotfileswrite 
-X  --prohibitdotfilesread  
-y  --peruserlimits         <per user max>:<max anonymous sessions>
-z  --allowdotfiles
-Z  --customerproof



--(switches sorted by ##GNU-style long switches## lexical order)--

-W  --allowanonymousfxp
-z  --allowdotfiles
-w  --allowuserfxp  
-O  --altlog                <format>:<log file>
-t  --anonymousbandwidth    <bandwidth (Kb/s)>
-M  --anonymouscancreatedirs    
-i  --anonymouscantupload
-e  --anonymousonly 
-q  --anonymousratio        <upload ratio>:<download ratio>
-s  --antiwarez 
-r  --autorename

-S  --bind                  <ip address,port>
-b  --brokenclientscompatibility    

-A  --chrooteveryone    
-j  --createhomedir
-Z  --customerproof

-B  --daemonize 
-D  --displaydotfiles   
-H  --dontresolve   

-P  --forcepassiveip        <ip address>
-F  --fortunesfile          <file>

-h  --help  

-4  --ipv4only

-K  --keepallfiles

-l  --login                 <auth> or <auth>:<config file>
-L  --limitrecursion        <number:number>

-c  --maxclientsnumber      <number>
-C  --maxclientsperip       <number>
-k  --maxdiskusagepct       <percentage>
-I  --maxidletime           <time (min)>
-m  --maxload               <load>
-u  --minuid                <uid>

-N  --natmode
-E  --noanonymous   
-R  --nochmod
-G  --norename

-p  --passiveportrange      <minport:maxport>
-y  --peruserlimits         <per user max>:<max anonymous sessions>
-g  --pidfile               <path to pid file>
-X  --prohibitdotfilesread  
-x  --prohibitdotfileswrite 

-f  --syslogfacility        <facility>

-a  --trustedgid            <gid>
-V  --trustedip             <ip address>

-U  --umask                 <mask>
-o  --uploadscript
-T  --userbandwidth         <bandwidth (Kb/s)> or [<up bw>]:[<down bw>]
-Q  --userratio             <upload ratio>:<download ratio>

-d  --verboselog

At the moment, when I try to fxp, it does not work, I can see in my destination directory a temp file called for example : .pureftpd-upload.49455130.15.5db.c480f4b7 but its size is 0k.
If somebody made it working I would appreciate your help, my goal is to do some fxp via my LAN (priority) and for WAN (if possible)

thx

Last edited by bodbod (2008-12-14 20:37:07)

OneArmedMan · 2008-12-15 09:47:06

I have a DNS-343, so slightly different than the 323.
I can successfully FXP *away* from the 343. Uploading a file to a FileZila server running on my PC.
When trying to FXP *TO* the 343 the transfer starts, and then aborts.
I get an error on my FileZilla server "cant open data channel"

I am attempting to compile an updated version of Pure-FTPD, i can get it to compile i will let you know how it goes.

OneArmedMan · 2008-12-15 13:01:38

I have compiled pure-ftpd on my DNS-343
The attached tar.gz file should contain /ffp/etc/pure-ftpd.conf ( config file ) , /ffp/sbin/pure-ftpd ( the FTP server ) and /ffp/start/pure-config.pl ( a perl script to launch the server )
The pure-config.pl file will parse the /ffp/etc/pure-ftpd.conf file for config settings and then start the daemon. you must have perl installed for this to work, but it could probably be done with a bash script also.

the FTP server appears to be running and i have had limited success with FXP.
I think most of the FXP problems i have had are due to the FTP server i am running on my Windows machine.

Attachments:

pure-ftpd.tar.gz, Size: 46,404 bytes, Downloads: 194

DSM-G600, DNS-3xx and NSA-220 Hack Forum

Announcement

#1 2008-02-09 17:15:24

Cant enable FXP in DNS-323

#2 2008-02-09 23:34:35

Re: Cant enable FXP in DNS-323

#3 2008-12-13 14:14:22

Re: Cant enable FXP in DNS-323

#4 2008-12-14 04:39:08

Re: Cant enable FXP in DNS-323

#5 2008-12-14 19:54:52

Re: Cant enable FXP in DNS-323

Code:

Code:

Code:

#6 2008-12-15 09:47:06

Re: Cant enable FXP in DNS-323

#7 2008-12-15 13:01:38

Re: Cant enable FXP in DNS-323

Board footer