Hi list,
I've got a site running proftpd that only serves files through FTP-TLS. The setup works correctly for most cases, with two notable exceptions: -- a collegue of mine has complained that he cannot login if the Kerio net-sharing tool is active. He claimed that no filtering rule was in effect. OS: W2k -- one of our customers has difficulties too: his network is behind a microwave-modem gateway. Each box in the internal network has an IP address from the 192.168.x.x/16 range, so I suppose the modem must perform some kind of network address translating or transparent proxying. OS: W98 The clients were CuteFTP Lite 1.2 in both cases, the communication mode was AUTH-TLS, passive FTP. There's neither server nor client certificate checking. When they tried to connect, the process aborted just before the program would ask for the user name and the password, but after the TLS negotiation. On the server side, I see only a "QUIT" command from the clients, nothing else. These are the relevant lines from proftpd.conf: # Network options Bind dargor SocketBindTight yes #PassivePorts 65500 65534 Port 21 PassivePorts 6000 6008 # Daemon security MaxInstances 30 User proftpd Group proftpd CapabilitiesEngine On CapabilitiesSet -CAP_CHOWN # TLS settings TLSEngine on TLSCACertificatePath /etc/ssl/certs TLSRSACertificateFile /etc/proftpd/proftpd.cert TLSRSACertificateKeyFile /etc/proftpd/proftpd.key # Protocol settings MultilineRFC2228 on DefaultTransferMode binary # Timeouts TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 # Authentication TLSRequired yes UseFTPUsers no AuthPAM no # Protocol security ServerName "dargor's ftp gate" ServerIdent off DeferWelcome on #DenyFilter \*.*/ AllowOverwrite on # Service options PersistentPasswd off Package: proftpd Version: 1.2.8-15.backports.org.1 Has anyone experienced similar phenomena, or does anyone have random ideas, anything? I'd really appreciate even a little hint. bit, adam -- Am I a cleric? | 1024D/37B8D989 Or maybe a sinner? | 954B 998A E5F5 BA2A 3622 Unbeliever? | 82DD 54C2 843D 37B8 D989 Renegade? | http://sks.dnsalias.net