Getting following error after configuring CSF firewall on a cPanel VPS.
Quote:
*WARNING* Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module is currently broken you have to open a PASV port hole in iptables for incoming FTP connections to work correctly. See the csf readme.txt under 'A note about FTP Connection Issues' on how to do this if you have not already done so. |
How to allow ports in pure-ftpd.conf.
Open the file "/etc/pure-ftpd.conf" and search for "PassivePortRange" and remove the "#" in front of the line.
Quote:
# Port range for passive connections replies. - for firewalling. PassivePortRange 30000 50000 |
Quote:
-bash-3.2# /scripts/restartsrv pureftpd |
How to add port in "csf.conf".
Open the file "/etc/csf/csf.conf" and search for "TCP_IN" and add the port range which you have allowed in the ftp configuration file i.e "30000:50000"
Quote:
# Allow incoming TCP ports TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,207 7,2078,2082,2083,2086,2087,2095,2096,30000:50000" |
Save the changes and restart CSF service.
Quote:
-bash-3.2# csf -r |
Leave a comment: