For a few days I have had a strange problem with FTP. I believe it’s after an update (but not sure). I use FileZilla to connect to FTP, but now it stops on the MLSD command:
Response: 200 PORT command successful
Error: Connection timed out
Error: Failed to retrieve directory listing
I tried to switch to passive / active and binary / ASCII mode. I also tried to connect using gftp and bareftp, but they both have a similar problem - they stop at the LIST -aL command and wait forever. The firewalls are OK.
So I believe it’s a proftpd problem, but I don’t know where to start with solving this problem. Please help.
When the control connection works and the data connection does not, it’s most likely indeed a router/firewall related problem. What’s your setup, does the client/server sit behind a router? What forwardings are in place? What ports does ProFTPD use for the passive range?
Another thing to try that’s sometimes a “quick fix” is to load the nf_conntrack_ftp kernel module. It assists with FTP connection tracking, and in some cases is able to resolve the issue you’re seeing.
To load it, run this command as root from the command line:
As far as I understand nf_conntrack_ftp, from my quick browsing of what that stuff does, it performs FTP protocol inspection and marks packets belonging to data connections as “related”, so that - with the appropriate iptables rules in place - the FTP passive mode port range does not need to be explicitly allowed in iptables… Is that correct?
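
An added illustration, not part of the thread and not the kernel module's code: a userspace sketch of the control-channel inspection discussed above, extracting the data-connection endpoint announced by a PORT command or a 227 reply. The function names and sample lines are constructed for this example; the NAT check assumes you know the address the announcing host is actually reached at.

```python
import ipaddress
import re

# RFC 959 host-port: six comma-separated decimal bytes h1,h2,h3,h4,p1,p2.
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def expected_data_endpoint(line):
    """Return (mode, ip, port) announced on the control channel, else None."""
    text = line.strip()
    upper = text.upper()
    if upper.startswith("PORT "):
        mode = "active"    # the server will connect to this client address
    elif upper.startswith("227"):
        mode = "passive"   # the client will connect to this server address
    else:
        return None        # e.g. "200 PORT command successful" announces nothing
    match = _HOSTPORT.search(text[4:])
    if not match:
        return None
    nums = [int(g) for g in match.groups()]
    if any(n > 255 for n in nums):
        return None
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]   # high byte, low byte
    return mode, ip, port


def nat_mismatch(endpoint, seen_ip):
    """True when the announced address is private and is not the address the
    announcing host is really reached at (seen_ip). Without a helper or a
    corrected server setting, the data connection then goes nowhere."""
    _, ip, _ = endpoint
    return ipaddress.ip_address(ip).is_private and ip != seen_ip


if __name__ == "__main__":
    # Constructed sample lines; 203.0.113.7 is a documentation address.
    for sample in ("PORT 10,0,0,5,4,1",
                   "200 PORT command successful",
                   "227 Entering Passive Mode (192,168,1,10,195,80)."):
        ep = expected_data_endpoint(sample)
        print(sample, "->", ep, ep and nat_mismatch(ep, "203.0.113.7"))
```

A connection-tracking helper uses the same announced address and port to expect the data connection, which is why a firewall rule accepting RELATED traffic can then stand in for opening the whole passive range.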