# pure-ftpd and my nat router

## simcop2387

ok i cant seem to let anyone get to my ftp server (pure-ftpd) to work outside the network.  i did an ftp to it and got this, and keep this in mind its from a completely different computer not the server itself

```

bash-2.05a# ftp 24.158.33.143 5122

Connected to 24.158.33.143.

220 ProFTPD 1.2.5 Server (24.158.33.143) [24.158.33.143]

Name (24.158.33.143:root): anonymous

331 Anonymous login ok, send your complete email address as your password.

Password:

230 Anonymous access granted, restrictions apply.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

500 Illegal PORT command.

ftp: bind: Address already in use

ftp> ls

500 Illegal PORT command.

ftp> ls

500 Illegal PORT command.

ftp> 

```

go ahead and confirm my findings, i'm thinking its my router (a linksys, dont remember the exact model number at the moment) thats not letting it work properly, any ideas?

[/code]

----------

## S_aIN_t

pure-ftpd has a switch for NAT mode.. try starting the server with that switch

```

-N     NAT mode. Force active mode. If your FTP server  is

              behind  a  NAT box that doesn't support applicative

              FTP proxying, or if you use port redirection  with-

              out  a transparent FTP proxy, use this. Well... the

              previous sentence isn't very clear. Okay:  if  your

              network looks like this:

              FTP--NAT.gateway/router--Internet

              and  if you want people coming from the internet to

              have access to your FTP server, please try  without

              this  option first. If Netscape clients can connect

              without any problem, your  NAT  gateway  rulez.  If

              Netscape  doesn't  display directory listings, your

              NAT gateway sucks. Use -N as a workaround.

```

the above is from the man page.

----------

## simcop2387

well the problem is that with or without the -N flag it gives people the outside the same error, my only guess is that i need to forward ports from my router to the server, and i'd like to know what port range if possible i havent had a chance to check out the pure-ftpd homepage yet or even read the docs (though i never do), i'll check them out now.

UPDATE:

ok, just went and read the docs and it tells you how to fix this exact problem, this is why mods get mad at people they dont read docs.  :Cool: 

----------

## simcop2387

ok i got another problem, new one this time but i think its still  related.

```

Connected to 24.158.33.143.

220-=(<*>)=-.:. (( Welcome to PureFTPd 1.0.11 )) .:.-=(<*>)=-

220-You are user number 1 of 30 allowed

220-Local time is now 19:06 and the load is 0.06. Server port: 5122.

220 You will be disconnected after 15 minutes of inactivity.

Name (24.158.33.143:root): anonymous

230 Anonymous user logged in

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

500 I won't open a connection to 192.168.10.6 (only to 192.168.10.1)

ftp: bind: Address already in use

ftp> 

```

i dont know what this means, the same thing happens outside the localnetwork too so i'm not sure what is happening.

oh and heres the /etc/conf.d/pure-ftpd

```

# Config file for /etc/init.d/pure-ftpd

##Comment variables out to disable its features, or change the values in it... ##

## This variable must be uncommented in order for the server to start ##

IS_CONFIGURED="yes"

## FTP Server,Port (separated by comma) ##

SERVER="-S 192.168.10.6,5122"

## Number of simultaneous connections in total, and per ip ##

MAX_CONN="-c 30"

MAX_CONN_IP="-C 10"

## Start daemonized in background ##

DAEMON="-B"

## Don't allow uploads if the partition is more full then this var ##

DISK_FULL="-k 90%"

## If your FTP server is behind a NAT box, uncomment this ##

# USE_NAT="-N"

## Authentication (others are 'pam', ...)##

AUTH="-l unix"

## Misc. Others ##

MISC_OTHER="-A -i -R -p 50000:50400"

#

# Use these inside $MISC_OTHER

# More can be found on "http://pureftpd.sourceforge.net/README"

#

# -A [ chroot() everyone, but root ]

# -e [ Only allow anonymous users ]

# -E [ Only allow authenticated users. Anonymous logins are prohibited. ]

# -i [ Disallow upload for anonymous users, whatever directory perms are ]

# -j [ If the home directory of a user doesn't exist, auto-create it ]

# -M [ Allow anonymous users to create directories. ]

# -R [ Disallow users (even non-anonymous ones) usage of the CHMOD command ]

# -x [ Authenticated users can read/write files beginning with a dot ('.') 

#       Anonymous users can't, for security reasons ]

# -X [ Users can't write/read files and directories starting with a dot ('.') ]

```

----------

## simcop2387

i've tried everything i can think of (i bet i've missed alot though), i've tried proftpd, no luck either, anyone with any suggestions please feel free

----------

## frippz

I encountered this problem myself just recently and I have no idea how to solve it. Says nothing about it in the docs as far as I can see at least.  :Confused: 

----------

## frippz

Just fixed my problem by commenting out the USE_NAT="-N" part.

Works like a charm now!  :Smile: 

----------

