Question

6

vsftpd - Illegal PORT command

rated 0 times [ 6] [ 0] / answers: 1 / hits: 33747 / 3 Years ago, mon, november 1, 2021, 6:22:56

I'm using a Ubuntu Server on a VirtualBox machine. Apache and SSH are working, but FTP after successfully connect to the server and login, it sends a error message:

 - Command: PORT 127,0,0,1,180,221 

 - Response: 500 Illegal PORT command.

 - Error: Failed to retrieve directory listing



Port Forwarding:

TCP | Host Port 2100 | Guest Port 21

My vstpd.conf file:

listen=YES

pasv_enable=YES

pasv_min_port=2005

pasv_max_port=2010

port_enable=YES

anonymous_enable=YES

local_enable=YES

write_enable=YES

anon_upload_enable=YES

anon_mkdir_write_enable=YES

dirmessage_enable=YES

use_localtime=YES

xferlog_enable=YES

connect_from_port_20=NO

ftpd_banner=Welcome.

chroot_local_user=NO

chroot_list_enable=YES

chroot_list_file=/etc/vsftpd.chroot_list

secure_chroot_dir=/var/run/vsftpd/empty

pam_service_name=vsftpd

rsa_cert_file=/etc/ssl/private/vsftpd.pem

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

anxietunnel

Add To Favorites

Follow

Total Points: 66

Total Questions: 120

Total Answers: 115

Location: Norway

Member since Sat, Mar 4, 2023

1 Year ago

answered 3 Years ago terose · Accepted Answer

jackbenny is close...

I am running on AWS with Ubuntu here is what I did to make vsftpd behave correctly:

seccomp_sandbox=NO

allow_writeable_chroot=YES

pasv_address=<(public ip) or (AWS public domain or DNS)>

pasv_enable=Yes

pasv_min_port=30000

pasv_max_port=30100

port_enable=YES

Then you have to make sure you are allowing ports, 20,21,30000-30100 through. Keep in mind that the port choices 30000-30100 are completely arbitrary and can be whatever you want. Although, I would stick to ports above 10000 and a range of 100 or more.