Last week I ran an upgrade to jessie that went horribly wrong - I left it to run and came back to find nothing working - rebooted and have been cleaning up ever since.
A key remaining problem is:
--
ftp localhost
ftp: connect: Connection refused
ftp> e
which produces this log record
Sep 27 11:37:48 suni kernel: [ 5747.241087] iptables denied: IN=eth0 OUT= MAC= SRC=96.53.6.178 DST=224.0.0.251 LEN=72 TOS=0x00 PREC=0x00 TTL=255 ID=17232 DF PROTO=UDP SPT=5353 DPT=5353 LEN=52
Sep 27 11:37:49 suni kernel: [ 5748.242291] iptables denied: IN=eth0 OUT= MAC= SRC=96.53.6.178 DST=224.0.0.251 LEN=72 TOS=0x00 PREC=0x00 TTL=255 ID=17320 DF PROTO=UDP SPT=5353 DPT=5353 LEN=52
iptables are set to defaults, mail and http work - everything is open. nsswitch has
hosts: files dns mdns4_minimal [NOTFOUND=return] mdns4
and hosts is the original file from wheezy where everything worked.
I've installed two different ftp servers (pro and vs) with no effect; ftp somewhere.com works fine.
This is undoubtedly (?) a minor error somewhere but I'm baffled on where or what.
Does anyone have an iptables ruleset that allows open ftp/http/smtp and nothing else?
iptables, ftp, 224.0.0.251, and an upgrade gone wrong
-
- Posts: 2
- Joined: 2017-09-27 16:52
Re: iptables, ftp, 224.0.0.251, and an upgrade gone wrong
I deleted and reinstalled proftpd...
Now:
ftp suni
Connected to localhost.
421 Service not available, remote server has closed connection
ftp> e
but:
ps -elf | grep ftp
5 S proftpd 6469 1 0 80 0 - 24554 - 15:59 ? 00:00:00 proftpd: (accepting connections)
and the log still says
Sep 29 16:02:20 suni kernel: [194420.092657] iptables denied: IN=eth0 OUT= MAC= SRC=96.53.6.178 DST=224.0.0.251 LEN=71 TOS=0x00 PREC=0x00 TTL=255 ID=4466 DF PROTO=UDP SPT=5353 DPT=5353 LEN=51
I'm guessing the system is missing a config file somewhere.. but which one and where? my xinetd.d dir is suspiciously empty..
ls
chargen daytime discard echo time
help! (please).
rt %
-
- Global Moderator
- Posts: 3049
- Joined: 2017-09-17 07:12
- Has thanked: 5 times
- Been thanked: 132 times
Re: iptables, ftp, 224.0.0.251, and an upgrade gone wrong
These iptables logs have nothing to do with FTP. They are just multicast DNS (mDNS) packets received by your system.
Your problem is with the FTP server configuration.
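An added example, not part of the original thread: a small Python triage script that parses "iptables denied:" kernel log records and separates mDNS multicast drops (UDP 5353 to 224.0.0.251) from drops that would actually affect FTP (TCP port 21). The first two sample lines are the records quoted in the thread; the third line and all function names are constructed for illustration.

```python
import re
from collections import Counter

# Lines 1-2 are the records quoted in the thread; line 3 is constructed here
# to show what a dropped FTP control connection would look like.
SAMPLE_LOG = """\
Sep 27 11:37:48 suni kernel: [ 5747.241087] iptables denied: IN=eth0 OUT= MAC= SRC=96.53.6.178 DST=224.0.0.251 LEN=72 TOS=0x00 PREC=0x00 TTL=255 ID=17232 DF PROTO=UDP SPT=5353 DPT=5353 LEN=52
Sep 29 16:02:20 suni kernel: [194420.092657] iptables denied: IN=eth0 OUT= MAC= SRC=96.53.6.178 DST=224.0.0.251 LEN=71 TOS=0x00 PREC=0x00 TTL=255 ID=4466 DF PROTO=UDP SPT=5353 DPT=5353 LEN=51
Sep 29 16:02:21 suni kernel: [194421.000000] iptables denied: IN=eth0 OUT= MAC= SRC=192.0.2.10 DST=192.0.2.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=TCP SPT=40000 DPT=21 WINDOW=29200 RES=0x00 SYN URGP=0
"""

MARKER = "iptables denied:"          # log prefix used on the poster's system
FIELD = re.compile(r"(\w+)=(\S*)")   # KEY=value pairs; value may be empty (OUT=, MAC=)


def parse_line(line):
    """Return the KEY=value fields of one netfilter LOG record, or None."""
    if MARKER not in line:
        return None
    fields = {}
    for key, value in FIELD.findall(line.split(MARKER, 1)[1]):
        # LEN appears twice (IP length, then UDP length); keep the first.
        fields.setdefault(key, value)
    return fields


def classify(fields):
    """Label a dropped packet by protocol, destination port and address."""
    proto, dpt, dst = fields.get("PROTO"), fields.get("DPT"), fields.get("DST")
    if proto == "UDP" and dpt == "5353" and dst == "224.0.0.251":
        return "mdns"          # multicast DNS, unrelated to FTP
    if proto == "TCP" and dpt == "21":
        return "ftp-control"   # a drop that would break FTP logins
    return "other"


def summarize(log_text):
    """Count dropped packets per category across a block of log text."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields is not None:
            counts[classify(fields)] += 1
    return dict(counts)


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```
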