old-www/LDP/LG/issue37/tag/6.html

<!--startcut ======================================================= -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<META NAME="generator" CONTENT="lgazmail v1.1H.i">
<TITLE>The Answer Guy 37: Getting my new linux box to run the ftp server</TITLE>
</HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"
	LINK="#3366FF" VLINK="#A000A0">
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<H4>"The Linux Gazette...<I>making Linux just a little more fun!</I>"</H4>
<P> <hr> <P>
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<center>
<H1><A NAME="answer">
	<img src="../../gx/dennis/qbubble.gif" alt="(?)" 
		border="0" align="middle">
	<font color="#B03060">The Answer Guy</font>
	<img src="../../gx/dennis/bbubble.gif" alt="(!)" 
		border="0" align="middle">
</A></H1> 
<BR>
<H4>By James T. Dennis,
	<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a><BR>
	Starshine Technical Services,
	<A HREF="http://www.starshine.org/">http://www.starshine.org/</A> 
</H4>
</center>

<p><hr><p>
<!--  endcut ======================================================= -->
<!-- begin 6 -->
<H3 align="left"><img src="../../gx/dennis/qbubble.gif" 
	height="50" width="60" alt="(?) " border="0"
	>Getting my new linux box to run the ftp server</H3>


<p><strong>From Clay Harmon  on Wed, 30 Dec 1998  
</strong></p>
<P><STRONG>
I have just added an Intel Pentium Linux (Redhat 5.1) box to a
heterogeneous network consisting of 2 Sun Solaris 2.5.1 workstations and 4
Win95 PCs. Everything has gone pretty much OK, only I can't establish an
ftp connection from outside to my Linux box.  If I try to ftp into the
Linux box from the Sun stations, I get a "421 Service not available, remote
server has closed connection" message.  I have looked at the usual
culprits, i.e. <TT>/etc/hosts.allow</TT>, and have enabled access to 
the ftp server
for ALL.  What is truly strange is that inetd "superdaemon" seems to work
just fine for the finger, telnet AND rlogin services - I can access the
Linux box from outside just fine using any  of these, but the ftp server
does not appear to be up.  The only other piece of network weirdness I have
noticed is that when the Linux station boots, I get an error on one of the
Sysv init scripts:
</STRONG></P>
<Pre><STRONG>
Executing: /etc/rc.d/rc3.d/S10network reload
</STRONG></Pre>
<Pre><STRONG>
* route: netmask doesn't match route address
* Usage: route [-nNvee] [-FC] [Address_families] List kernel routing tables
</STRONG></Pre>
<P><STRONG>
* ....... and so on
and then
</STRONG></P>
<Pre><STRONG>
Executing: /etc/rc.d/rc3.d/S50inet restart
</STRONG></Pre>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
	HEIGHT="28" WIDTH="50" BORDER="0"
	>
That probably is unrelated --- though you should
check to make sure your routing tables are right.  Are you
running 'routed' or 'gated' to get your route dynamically?
</BLOCKQUOTE>
<BLOCKQUOTE>
The reasons that I don't believe this symptom is related
to your FTP problem is that it's complaining about routing
and you clearly are getting packets to and from the
box (otherwise you wouldn't get the service unavailable
message --- and finger/telnet and rlogin wouldn't work.
</BLOCKQUOTE>
<BLOCKQUOTE>
It also sounds like this probably isn't a TCP Wrappers
problem --- since you presumably have all you services
wrapped.  However, you should check to make sure that your
forward and reverse DNS zones are consistent --- since this
classically can cause TCP wrappers to deny connections that
would otherwise be allowed.  (Normally tcpd is compiled with
<tt>-DPARANOID</tt> enabled --- though 
<A HREF="http://www.redhat.com/">Red Hat</A> ships with it off, so
you can explicitly use the PARANOID directive if you want --
but you don't get it unless you ask for it).
</BLOCKQUOTE>
<BLOCKQUOTE>
In any event it seems that the most likely case is that you
have a problem in your inetd.conf file --- probably a path
referring to non-existent in.ftpd.  Did you install in.ftpd,
WU ftpd or ProFTPd?  You have to install some FTP daemon
in order for the dispatche (inetd) to execute it.
</BLOCKQUOTE>
<BLOCKQUOTE>
So, make sure the package is installed.  Make sure that the
path listed in the <TT>/etc/inetd.conf</TT> is correct.  Finally,
look in <TT>/var/log/messages</TT> for any errors that inetd, tcpd,
and/or in.ftpd (or its ilk) are reporting.
</BLOCKQUOTE>
<BLOCKQUOTE>
If all of that is O.K and things still don't work ---
I'd look for something weird with one of the routers
(some sort of packet filtering, network address
translations or IP masquerading or something like that).
</BLOCKQUOTE>
<BLOCKQUOTE>
Incidentally, you mentioned "from outside" --- I hope
you don't mean that your organization is allowing direct
routable IP from the outside world (open Internet) all the
way into your desktop workstations.  If that's the case I'd
highly reoommend a review of your security policies and an
assets evaluation and risk assessment.
</BLOCKQUOTE>
<BLOCKQUOTE>
Your company can provide reasonably safe and secure remote
access to it's employees without leaving itself wide open to
every cracker that want another attack launch point and
portscanning slave.
</BLOCKQUOTE>
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
	HEIGHT="28" WIDTH="50" BORDER="0"
	>
This may or may not be related to my problem.
</STRONG></P>
<P><STRONG>
I'm stumped.  Everything else seems to work just fine - I can get out
through our ISDN router to the net, Netscape works fine, and all of the
other services seem to work just fine. I can use the ftp utility to access
the Sun stations, and "get" files, but I would really like to be able to
ftp from our PC's into the Linux box, without having to go through the
complicated path of ftp'ing from PC to Solaris(put) and then from Linux to
Solaris(get) to just transfer a simple file.  I don't have the option
currently of ftp'ing from Linux to PC, because Win95 does not have an ftp
server as a standard option, so I would like to be able to ftp from PC to
the Linux (put). I  have the feeling there is something simple that I'm
doing or not doing that would fix this problem.
</STRONG></P>
<P><STRONG>
Thanks for your help
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
	HEIGHT="28" WIDTH="50" BORDER="0"
	>
Look for your ftpd program.  There are several to choose
from.  I think Red Hat 5.1 uses 'in.ftpd' as re-ported from
the <A HREF="http://www.openbsd.org/">OpenBSD</A> sources.  Most Linux distributions default to
the Washington University (St. Louis) WU-FTPD.  I've
recommended others (such as ProFTPD, BeroFTPD, and ncftpd)
in previous columns.
</BLOCKQUOTE>
<!-- sig -->

<!-- end 6 -->
<!--startcut ======================================================= -->
<P> <hr> <P>
<H5 align="center"><a href="http://www.linuxgazette.com/copying.html"
	>Copyright &copy;</a> 1999, James T. Dennis 
<BR>Published in <I>The Linux Gazette</I> Issue 37 February 1999</H5>
<P> <hr> <P>
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<P align="center">
<table width="98%"><tr valign="center" align="center">
<td rowspan="3" colspan="4"><A HREF="../lg_answer37.html"><IMG
        SRC="../../gx/dennis/answernew.gif"
        ALT="[ Answer Guy Index ]"></A></td>
  <TD width="8%"><A HREF="./1.html">1</A></TD>
  <TD width="8%"><A HREF="./2.html">2</A></TD>
  <TD width="8%"><A HREF="./3.html">3</A></TD>
  <TD width="8%"><A HREF="./4.html">4</A></TD>
  <TD width="8%"><A HREF="./5.html">5</A></TD>
  <TD width="8%"><A HREF="./6.html">6</A></TD>
  <TD width="8%"><A HREF="./7.html">7</A></TD>
  <TD width="8%"><A HREF="./8.html">8</A></TD>
  <TD width="8%"><A HREF="./9.html">9</A></TD>
  <TD width="8%"><A HREF="./10.html">10</A></TD>

</tr><tr valign="center" align="center">
  <TD><A HREF="./11.html">11</A></TD>
  <TD><A HREF="./12.html">12</A></TD>
  <TD><A HREF="./14.html">14</A></TD>
  <TD><A HREF="./15.html">15</A></TD>
  <TD><A HREF="./16.html">16</A></TD>
  <TD><A HREF="./17.html">17</A></TD>
  <TD><A HREF="./18.html">18</A></TD>
  <TD><A HREF="./19.html">19</A></TD>
  <TD><A HREF="./21.html">21</A></TD>
  <TD><A HREF="./22.html">22</A></TD>

</tr><tr valign="center" align="center">
  <TD><A HREF="./23.html">23</A></TD>
  <TD><A HREF="./28.html">28</A></TD>
  <TD><A HREF="./29.html">29</A></TD>
  <TD><A HREF="./30.html">30</A></TD>
  <TD><A HREF="./31.html">31</A></TD>
  <TD><A HREF="./32.html">32</A></TD>
  <TD><A HREF="./33.html">33</A></TD>
  <TD><A HREF="./34.html">34</A></TD>
  <TD><A HREF="./37.html">37</A></TD>
  <TD><A HREF="./38.html">38</A></TD>

</tr><tr valign="center" align="center">
  <TD><A HREF="./39.html">39</A></TD>
  <TD><A HREF="./41.html">41</A></TD>
  <TD><A HREF="./42.html">42</A></TD>
  <TD><A HREF="./43.html">43</A></TD>
  <TD><A HREF="./44.html">44</A></TD>
  <TD><A HREF="./45.html">45</A></TD>
  <TD><A HREF="./46.html">46</A></TD>
  <TD><A HREF="./47.html">47</A></TD>
  <TD><A HREF="./48.html">48</A></TD>
  <TD><A HREF="./49.html">49</A></TD>

</tr></table>
	</P>
<P> <hr> <P>
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<P> <hr> <P>
<!-- begin lgnav ::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<A HREF="../index.html"
	><IMG SRC="../../gx/indexnew.gif" ALT="[ Table Of Contents ]"></A>
<A HREF="../../index.html"
	><IMG SRC="../../gx/homenew.gif" ALT="[ Front Page ]"></A>
<A HREF="../lg_bytes37.html"
	><IMG SRC="../../gx/back2.gif" ALT="[ Previous Section ]"></A>
<A HREF="../york.html"
	><IMG SRC="../../gx/fwd.gif" ALT="[ Next Section ]"></A>
<!-- end lgnav ::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
</BODY></HTML>
<!--endcut ========================================================= -->