Applicable to:
- Plesk Onyx for Linux
Symptoms
- Passive FTP connection (plain, non-SSL/TLS) does not work after enabling Plesk Firewall Tools & Settings > Firewall > Enable
- Cannot list directory when connecting in passive mode:
# ftp> dir
227 Entering Passive Mode (192,0,2,2,176,121).
ftp: connect: Connection timed out - The following errors appear in
/var/log/messages:
CONFIG_TEXT: xinetd[2457]: START: ftp pid=4513 from=::ffff:203.0.113.2
proftpd[4513]: processing configuration directory '/etc/proftpd.d'
proftpd[4513]: FTP session opened.
named[3167]: error (network unreachable) resolving - The following errors appear in
/var/log/secure:
CONFIG_TEXT: proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
proftpd[4513]: (203.0.113.2) - USER username: Login successful. - nf_conntrack_ftp module is not loaded:
# lsmod | grep conntrack_ftp
#
Cause
The described behavior is expected if nf_conntrack_ftp module is not loaded.
This is Plesk bug with ID # PPPM-6187: the notification in Plesk UI will be added in future Plesk updates.
Resolution
As a workaround, configure passive ports and load required module as described in the article How to configure a passive ports range for ProFTPd on a server behind a firewall
Comments
4 comments
This worked for us. It should be noted in the release notes.
@Tomas As soon as bug with ID # PPPM-6187 will be fixed it will be noted in release notes
Half year later and this bug is not fixed? Wow...
@Dudebaker, work on bugs is performed in accordance with their priority and impact.
Plesk Development Team does its best to resolve the issue in upcoming updates.
Please sign in to leave a comment.