ProFTPD Plugin for unRAID v6.8.x


SlrG

Recommended Posts

  • 2 weeks later...
  • 2 weeks later...

I have installed the plugin without any problems.
When I establish an unencrypted connection, everything works without problems.

However, when I want to establish a TLS connection, I get an error message.

 

---------------------------
Fehler
---------------------------
Verbindung verloren.
---------------------------
Server sent passive reply with unroutable address 192.168.2.19, using host address instead.
Zeit abgelaufen (Datenverbindung)
Verzeichnisinhalt konnte nicht abgerufen werden
Fehler beim Anzeigen des Verzeichnisses „/Download“.

 

Here is the translation into English

---------------------------
Error
---------------------------
Connection lost.
---------------------------
Server sent passive reply with unroutable address 192.168.2.19, using host address instead.
Time expired (data connection)
Directory content could not be retrieved
Error displaying the directory "/Download".

 

All keys were created correctly and are also in the corresponding directories.
Here is my proftpd.config

 

# Server Settings
ServerName              ProFTPd
ServerType              standalone
DefaultServer           on
PidFile                 /var/run/ProFTPd/ProFTPd.pid

# Port 21 is the standard FTP port. You propably should not connect to the
# internet with this port. Make your router forward another port to
# this one instead.
Port                    21

# Set the user and group under which the server will run.
User                    nobody
Group                   users

# Prevent DoS attacks
MaxInstances            30

# Speedup Login
UseReverseDNS           off

# Control Logging - comment and uncomment as needed
# If logging Directory is world writeable the server won't start!
# If no SystemLog is defined proftpd will log to servers syslog.
#SystemLog               NONE
#SystemLog               /boot/config/plugins/ProFTPd/slog
TransferLog             NONE
#TransferLog             /boot/config/plugins/ProFTPd/xferlog
WtmpLog                 NONE

# As a security precaution prevent root and other users in
# /etc/ftpuser from accessing the FTP server.
UseFtpUsers             on
RootLogin               off

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 000

# "Jail" FTP-Users into their home directory. (chroot)
# The root directory has to be set in the description field
# when defining an user:
# ftpuser /mnt/cache/FTP
# See README for more information.
DefaultRoot ~

# Shell has to be set when defining an user. As a security precaution
# it is set to "/bin/false" as FTP-Users should not have shell access.
# This setting makes proftpd accept invalid shells.
RequireValidShell       no

# Normally, we want files to be overwriteable.
AllowOverwrite          on

<IfModule mod_tls.c>
    TLSEngine on
    TLSLog /var/log/proftpd.tls.log
    TLSProtocol SSLv23 TLSv1
    TLSOptions NoCertRequest NoSessionReuseRequired 
    TLSRSACertificateFile /boot/config/plugins/proftpd/ssl/ftp.cert.pem
    TLSRSACertificateKeyFile /boot/config/plugins/proftpd/ssl/ftp.key.pem
    TLSVerifyClient off
    TLSRequired on
</IfModule>


# Allow to restart a download 
AllowStoreRestart              on

 

Where could the fault lie.
I am already despairing.

 

Link to comment

@eFrame

You seem to be establishing a connection in passive mode. Please make sure you define a passive port range and make sure the firewall on your router opens the passive ftp port range to your server, too. Also you probably need to set a masquerade address (your dyndns hostname or static external ip).

 

Also my usual "disclaimer". I don't recommend for the unraid server to be directly accessible from the internet. IMHO it is better to create a VPN connection to your home network and then using that to connect to your server. Then the VPN handles the encryption and FTP can be used unencrypted. This works only for your own and family devices, however and not if you need other "clients" to connect., too.

Link to comment
  • 2 weeks later...

@Mr_Jay84

You don't. The functionality is sadly broken since a long time. But you don't really need it anyway.

 

Just use the shell editor of your choice (nano, vi or mc's editor) to edit the proftpd.conf directly.

nano /etc/proftpd.conf

 

Check the changes by running:

/usr/local/SlrG-Common/usr/local/sbin/proftpd -t -c /etc/proftpd.conf

 

Which will look like this, if no errors are found (the mod_lang message can be ignored).

Checking syntax of configuration file
2022-02-09 17:42:39,824 lafiel proftpd[18318] 127.0.0.1: mod_lang/1.1: unable to scan the localised files in '/usr/local/share/locale': No such file or directory

 

Restart the ProFTPd server afterwards in the plugins settings or from the shell for the changes to take effect.

/etc/rc.d/rc.ProFTPd restart

 

Link to comment
  • 2 weeks later...

Hello,

 

Hope someone can help me i installed the package and I created the user I can access it locally but i want to allow access for a friends folder without using vpn so in the conf file i added and also port forward 21 and port range 60000-65535

 

I have also verifed using a port checker that those ports are open

 

it works locally I can login just my friend cant externally 

 

MasqueradeAddress       216.***.**.***
PassivePorts 60000 65535

 

Status:	Connecting to **********:21...
Status:	Connection established, waiting for welcome message...
Status:	Insecure server, it does not support FTP over TLS.
Status:	Logged in
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is the current directory
Command:	TYPE I
Response:	200 Type set to I
Command:	PASV
Response:	227 Entering Passive Mode (***,***,*,***,253,190).
Command:	MLSD
Error:	The data connection could not be established: ECONNREFUSED - Connection refused by server
Status:	Disconnected from server

 

 

Link to comment
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.