ProFTP -> Port XXX refused (address mismatch)

ProFTP -> Port XXX refused (address mismatch)

Post by Joerg Morbitze » Thu, 14 Dec 2000 22:33:54



Hi,

I am running ProFTP 1.2.0rc2 on my Linux box.
When doing a ftp from a machine with a static ip
address or from localhost I have no problem at all.
When doing a ftp through a NAT or masquerading
box to my ftp server I get these error messages:

Dec 13 13:18:30 ns proftpd[25840]: ns.mydomain.com \
        (mail.ftpclient.com[162.96.203.154]) - Refused \
         PORT 192,168,3,40,145,163 (address mismatch).

What does "adress mismatch" mean and how can
I solve this problem ? Any ideas ??

Thanks, Joerg.

 
 
 

ProFTP -> Port XXX refused (address mismatch)

Post by <jos.. » Fri, 15 Dec 2000 01:36:27


Quote:>PORT 192,168,3,40,145,163 (address mismatch).

The outside computer ( Ftp server ) sees only the NAT computer's external ip
. Your computer( internal) sends the PORT command, specifying the port on
which to receive data, as well as it's IP ( internal ip address ) .

You need to run an ftp proxy or an ftp masquerading module on the NAT, to
intercept your ftp PORT commands and rewrite it.
Assuming you are using linux with a 2.2.x kernel,

you have to load the masq module for ftp ,
I think it is called ftp_masq.o or something.

look in the /lib/modules/<kernel version>/ , and further down.

modprobe ftp_masq.o should do it.

hth

 
 
 

ProFTP -> Port XXX refused (address mismatch)

Post by Joerg Morbitze » Fri, 15 Dec 2000 01:51:27



Quote:

> >PORT 192,168,3,40,145,163 (address mismatch).

> The outside computer ( Ftp server ) sees only the NAT computer's external ip
> . Your computer( internal) sends the PORT command, specifying the port on
> which to receive data, as well as it's IP ( internal ip address ) .

> You need to run an ftp proxy or an ftp masquerading module on the NAT, to
> intercept your ftp PORT commands and rewrite it.
> Assuming you are using linux with a 2.2.x kernel,

> you have to load the masq module for ftp ,
> I think it is called ftp_masq.o or something.

> look in the /lib/modules/<kernel version>/ , and further down.

> modprobe ftp_masq.o should do it.

> hth

It's me who is running the ftp server, some of my customers want
to connect to this ftp server to do some uploads. I think you
mean that these clients have to use the masq module for ftp,
not me on my ftp server? Is that right ?

        Thanks, Joerg.

 
 
 

1. question: Who is xxx.xxx.xxx.xxx tell xxx.yyy.yyy.zzz

This morning I noticed the activity LED on my cable modem has been going
nuts with loads of network traffic. I'm just sitting there not doing
anything. I'm using a Mandrake 7.2 box with IPCHAINS and Portsentry.

I checked my log files and Portsentry mail and see lots of DENY stuff.

I then fired up ethereal and start capturing. I see page after page of
messages such as:

Who has 24.177.63.127 Tell 65.112.55.123

The numbers are not accurate (I can post them if needed), but the messages
are all the same with differing IP numbers on both sides.

What does this mean? I called my broadband provider and they said they had
no idea.

Has my system been hacked?

Thanks,
Paul Nixon

2. all

3. ypmatch xxx hosts & nslookup xxx mismatch

4. Stealth 32 PCI - when if ever ?

5. Arpresolve error: can't allocate llinfo for xxx.xxx.xxx.xxx

6. Linux in the press

7. These "ICMP redirect from xxx.xxx.xxx.xxx" errors

8. 2Mx32 60ns $34.00

9. Installation freezing at "Add default route xxx.xxx.xxx.xxx" with NE2000 card

10. kernel: ICMP: xxx.xxx.xxx.xxx: Source route failed

11. Telnet xxx.xxx.xxx.xxx 25

12. Arpresolve error: can't allocate llinfo for xxx.xxx.xxx.xxx

13. Netstat returns IP= xxx.xxx.xxx.xxx.blackjack what's up?