WARNING Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module + csf

WARNING Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module + csf

Getting the following error while trying to restart csf in my VPS .

root@abc [/etc/csf]# csf -r
WARNING Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module is currently broken you have to open a PASV port hole in iptables for incoming FTP connections to work correctly. See the csf readme.txt under ‘A note about FTP Connection Issues’ on how to do this if you have not already done so.
root@abc [/etc/csf]#

Solution : IF we dont have node access we need to change the settings in VPS itself

Check if its Pure FTP or Pro FTP and add the following line in the conf file.

vi /etc/pure-ftpd.conf
PassivePortRange 30000 35000

vi /etc/proftpd.conf
PassivePortRange 30000 35000

vi /etc/csf/csf.conf
# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,110,30000:35000″

If you see this error while restarting iptables then in place of csf step use :

iptables -A INPUT -p tcp –dport 30000:35000 -j ACCEPT

Make sure to enable module modprobe ip_conntrack_ftp from Main node
=====================================================

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s