General NAS-Central Forums

Welcome to the NAS community
It is currently Thu Nov 23, 2017 7:43 am

All times are UTC




Post new topic Reply to topic  [ 39 posts ]  Go to page Previous  1, 2, 3  Next
Author Message
PostPosted: Sun Dec 30, 2012 8:41 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6074
nathanas wrote:
I managed to connect through Internet and transferred a movie with 3.5MB/s which means its using my internal IP for data. Somehow it sees that its a device connected to my router.
Not really. You are accessing the FTP server via your public IP address. But this router supports 'nat loopback', which means it just 'injects' the data to it's WAN port, where it's handled normally.
The lower speed is because the data passes the router twice (from LAN to WAN, and back), and the router is not the fastest one around. (Well, it does it's job, and it can handle a 20Mbps connection, but it has not enough juice to handle nat loopback on 15MB/sec (=300Mbps))


Top
 Profile  
 
PostPosted: Tue Feb 12, 2013 9:51 am 
Offline

Joined: Mon Feb 11, 2013 6:26 pm
Posts: 16
If someone could help me plz.... I've made the above script with vi and my current ip (which is not static, but it won't change as long as I don't restart my connection, which means it'll be the same for months) , I've put it in the correct dir and made it executable ok, named it ftpserver.sh . Port forwarding seems to be working for every other program I've setup so it's unlikely that's the root of the problem. Now, I've seen that I've no /var/zyxel/pure-ftpd.arg file here. The problem right now is that I can still connect to the ftp server locally but it can't be reached from outside at all. So, I assume that the script is not doing anything for me atm for some reason. Any help is appreciated, thx!


Top
 Profile  
 
PostPosted: Tue Feb 12, 2013 10:39 am 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6074
Quote:
I've seen that I've no /var/zyxel/pure-ftpd.arg file here.
In that case this fix cannot work of course. Which firmware are you running? What is the output of
Code:
ps | grep ftp


Top
 Profile  
 
PostPosted: Tue Feb 12, 2013 3:49 pm 
Offline

Joined: Mon Feb 11, 2013 6:26 pm
Posts: 16
I'm on fw V4.40(AFD.1). I get no output at all from that command, just returns to command prompt - thx for helping me btw :)

edit: just saw that there's 4.40(afd.2) available, is it important that I upgrade to it?


Last edited by nicklarry on Tue Feb 12, 2013 6:52 pm, edited 2 times in total.

Top
 Profile  
 
PostPosted: Tue Feb 12, 2013 5:48 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6074
nicklarry wrote:
I'm on fw V4.40(AFD.1). I get no output at all from that command, just returns to command prompt
In that case I suppose you are running FFP? Try
Code:
ps -A | grep ftp

Quote:
edit: just saw that there's 4.40(afd.2) available, is it important that I upgrade to it?
Don't think so. There is not much difference between that two. Only some bugfixes and minor updates. But it seems you are running a different FTP server.


Top
 Profile  
 
PostPosted: Tue Feb 12, 2013 6:53 pm 
Offline

Joined: Mon Feb 11, 2013 6:26 pm
Posts: 16
I issued "ps -A | grep ftp" and returned "16799 ? 00:00:01 pure-ftpd" , yes ffp is running. But I'm just using the built-in ftp server, does ffp change anything silently about ftp?


Top
 Profile  
 
PostPosted: Tue Feb 12, 2013 8:06 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6074
No, FFP leaves the firmware functions alone.

So your box is running pure-ftpd, which is the one for which that script is intended. Did you create your FFP stick before you updated the firmware to 4.40? In that case you might be running it chrooted, which could mean that /var/zyxel is not the same one which is seen by the firmware.


Top
 Profile  
 
PostPosted: Wed Feb 13, 2013 5:29 am 
Offline

Joined: Mon Feb 11, 2013 6:26 pm
Posts: 16
I installed ffp via the built-in package method not by stick (dunno if that's important, I suppose not) and it was after the firmware update, I haven't put another fw since.


Top
 Profile  
 
PostPosted: Wed Feb 13, 2013 9:02 am 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6074
nicklarry wrote:
(dunno if that's important, I suppose not)
Indeed. AFAICS it not relevant.

But that means your box should just work as the others. What is the contents of your /usr/local/sbin/vsftpd_start_silent.sh?


Top
 Profile  
 
PostPosted: Wed Feb 13, 2013 12:23 pm 
Offline

Joined: Mon Feb 11, 2013 6:26 pm
Posts: 16
the content is:

#!/bin/sh

# zylogger
# source 17: built-in service
# priority 5: notice
# facility 17: built-in service
#
# Detailed information is in zylog-1.0/zylog.h

# This script may be called from ZySH watchdog and
# may not check if FTPd is already running, so
# FTPd should be killed here.

/bin/killall -9 pure-ftpd

PS=`/bin/ps | /bin/grep pure-ftpd | /bin/grep -v grep`

# test if "$PS" is non-null
while [ -n "$PS" ]
do
sleep 1
PS=`/bin/ps | /bin/grep pure-ftpd | /bin/grep -v grep`
done

EDIT:

restarted the NAS and checked again /var/zyxel/ and pure-ftpd.arg is there (?!?) - here's what it contains:

#!/bin/sh

# zylogger
# source 17: built-in service
# priority 5: notice
# facility 17: built-in service
#
# Detailed information is in zylog-1.0/zylog.h

# This script may be called from ZySH watchdog and
# may not check if FTPd is already running, so
# FTPd should be killed here.

/bin/killall -9 pure-ftpd

PS=`/bin/ps | /bin/grep pure-ftpd | /bin/grep -v grep`

# test if "$PS" is non-null
while [ -n "$PS" ]
do
sleep 1
PS=`/bin/ps | /bin/grep pure-ftpd | /bin/grep -v grep`
done
sh-4.1# ls /var/zyxel/
myzone_rule pure-ftpd.arg vsftpd.conf zysh
sh-4.1# vi /var/zyxel/pure-ftpd.arg
-A -B -b -D -H -M -l pam -R -U 000:000 -S 9059 -L 200000:5 -8 utf-8 -9 utf-8 -c
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~


I tried again to connect , but no luck, local connection works - the same as before really. Any ideas? Again thx :)


Top
 Profile  
 
PostPosted: Wed Feb 13, 2013 1:30 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6074
I miss some lines in your vsftpd_start_silent.sh:
Code:
if [ -x /usr/local/sbin/pure-ftpd ] ; then
  /bin/nice -n 20 /usr/local/sbin/pure-ftpd `cat /var/zyxel/pure-ftpd.arg`
fi
This is the actual startline, the rest is the killing of a currently running ftp server. Here the contents of /var/zyxel/pure-ftpd.arg is used as commandline arg for pure-ftpd.

Code:
sh-4.1# vi /var/zyxel/pure-ftpd.arg
 -A -B -b -D -H -M -l pam -R -U 000:000 -S 9059 -L 200000:5 -8 utf-8 -9 utf-8 -c
You can just use 'cat' or 'less' to list files. vi is a bit overpowered.

Anyway, I don't see a '-P <PUBLICIP>' in this line, so either the script didn't run, or there is a bug in it. Wat happens if your do
Code:
cat /var/zyxel/pure-ftpd.arg
/usr/local/zy-pkgs/etc/init.d/ftpserver.sh
cat /var/zyxel/pure-ftpd.arg


Top
 Profile  
 
PostPosted: Wed Feb 13, 2013 4:04 pm 
Offline

Joined: Mon Feb 11, 2013 6:26 pm
Posts: 16
"cat /var/zyxel/pure-ftpd.arg" gives:
-A -B -b -D -H -M -l pam -R -U 000:000 -S 9059 -L 200000:5 -8 utf-8 -9 utf-8 -c 5 -C 5 -I 15 -p 9060:9069

"/usr/local/zy-pkgs/etc/init.d/ftpserver.sh" returns nothing - back to prompt and entering "cat /var/zyxel/pure-ftpd.arg" again returns the very same output as before. Here's what "cat /usr/local/zy-pkgs/etc/init.d/ftpserver.sh" returns

#!/bin/sh
#This script disables all LAN FTP connections & enables only Internet ones
#NAS isn't configured to address the public ip but only internal.
#That's why I use this script, so I can access the FTP from everywhere.

# Change in your public IP, or dyndns domain
PUBLICIP=*.*.*.*
Background()
{
sleep 60

# Add public ip to the line
local CURARGS=` cat /var/zyxel/pure-ftpd.arg `
if echo $CURARGS | grep "\"-P $PUBLICIP\""
then
exit 0
fi

echo $CURARGS -P $PUBLICIP >/var/zyxel/pure-ftpd.arg

# restart pure-ftpd
/usr/local/sbin/vsftpd_start_silent.sh
}

Background &

EDIT:

deleted and recreated ftpserver.sh restarted the ftp service, ran ftpservice.sh by hand and after a few seconds the output of "cat /var/zyxel/pure-ftpd.arg" is:
-A -B -b -D -H -M -l pam -R -U 000:000 -S 9059 -L 200000:5 -8 utf-8 -9 utf-8 -c 5 -C 5 -I 15 -p 9060:9069 -P *.*.*.*

tried to connect, but the behaviour is the same - ok for local, no good from internet. Disabling/reenabling the ftp server resets "pure-ftpd.arg" to

-A -B -b -D -H -M -l pam -R -U 000:000 -S 9059 -L 200000:5 -8 utf-8 -9 utf-8 -c 5 -C 5 -I 15

which I think is normal

ls -l ftpserver.sh returns:

-rwxr-xr-x 1 root root 618 Feb 13 16:01 /usr/local/zy-pkgs/etc/init.d/ftpserver.sh

which I think is ok for executable, but it really won't start at startup or for some reason it doesn't modify "pure-ftpd.arg" as it should until I run it by hand.


Last edited by nicklarry on Wed Feb 13, 2013 6:55 pm, edited 2 times in total.

Top
 Profile  
 
PostPosted: Wed Feb 13, 2013 6:27 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6074
Quote:
-A -B -b -D -H -M -l pam -R -U 000:000 -S 9059 -L 200000:5 -8 utf-8 -9 utf-8 -c 5 -C 5 -I 15 -p 9060:9069 -P a.b.c.d
Looks as it should
Quote:
tried to connect, but the behaviour is the same - ok for local, no good from internet
Do you have a log from that?
Quote:
Disabling/reenabling the ftp server resets "pure-ftpd.arg"
Yeah. I think I have a fix for that, but let's first find out why the base doesn't work for you.
Quote:
it really won't start at startup or for some reason it doesn't modify "pure-ftpd.arg"
You can add a line
Code:
echo "$0 runs" >/tmp/ftpfix
to see if it really doesn't run.

BTW, you might want to hide your public IP address in your post.


Top
 Profile  
 
PostPosted: Wed Feb 13, 2013 6:32 pm 
Offline

Joined: Mon Feb 11, 2013 6:26 pm
Posts: 16
ftp log - trying to connect from outside:

Status: Connecting to *.*.*.*:9059...
Error: Connection timed out
Error: Could not connect to server
Status: Waiting to retry...
Status: Connecting to *.*.*.*:9059...
Error: Connection timed out
Error: Could not connect to server

local ftp is successfully connected, but I can't get the dir listing which didn't happen before all those changes. Here's the log:

Status: Connecting to *.*.*.*:9059...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [TLS] ----------
Response: 220-You are user number 1 of 5 allowed.
Response: 220-Local time is now 20:35. Server port: 9059.
Response: 220 You will be disconnected after 15 minutes of inactivity.
Command: USER anonymous
Response: 331 Any password will work
Command: PASS **************
Response: 230 Any password will work
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Extensions supported:
Response: EPRT
Response: IDLE
Response: MDTM
Response: SIZE
Response: REST STREAM
Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response: MLSD
Response: TVFS
Response: ESTP
Response: PASV
Response: EPSV
Response: SPSV
Response: 211 End.
Status: Server does not support non-ASCII characters.
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (*,*,*,*,35,100)
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing



Where should I add the ftpfix line? Should I just issue it in the command line? I tried that and just returned to prompt, but I guess I should be adding it somewhere instead?

Thx for pointing out my ip is visible - ouch! :)


Top
 Profile  
 
PostPosted: Wed Feb 13, 2013 6:45 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6074
Quote:
ftp log - trying to connect from outside:
Is that really from the outside? In that case port forwarding has failed. Or are you accessing from inside on your outside ip address? In that case your router doesn't support NAT loopback (or it isn't enabled).
Quote:
Where should I add the ftpfix line?
Somewhere in your script. For instance below the "Background &" line. It will create a file in /tmp/, so you can check if the script has run on boot.
Quote:
Thx for pointing out my ip is visible - ouch!
It's still visible.

Edit:
Quote:
local ftp is successfully connected, but I can't get the dir listing which didn't happen before all those changes.
That's normal it is a side effect of the fix. The opens a port for a data connection, and tells the client to access it on the public IP address. But that address isn't accessible from the inside.

Edit2: Your outside connection works better than your log shows:
Code:
ftp *.*.*.* 9059
Connected to *.*.*.*.
220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 4 of 5 allowed.
220-Local time is now 20:48. Server port: 9059.
220 You will be disconnected after 15 minutes of inactivity.
500 This security scheme is not implemented
Name (*.*.*.*:user)
:


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 39 posts ]  Go to page Previous  1, 2, 3  Next

All times are UTC


Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group