ftpserverlib icon indicating copy to clipboard operation
ftpserverlib copied to clipboard

Published 20 hours ago verified publisher icon fclairamb

protocol not available, Unable to open transfer

Open hhhyang opened this issue 2 years ago • 2 comments

hi,i run into a problem while put/get files to/from ftp server using ftpserverlib as core

enviroment: linux kernel version: 2.6.32_1-18-0-0 linux distribution version: CentOS release 6.3 (Final) fclairamb/ftpserver version: 0.11.0 fclairamb/ftpserverlib version: 0.18.0

steps to producing this problem: 1)start fclairamb/ftpserver,listening on port 21

# ./ftpserver-linux-amd64 --conf=ftpserver.json
# cat ftpserver.json

{
   "version": 1,
   "listen_address": "0.0.0.0:21",
   "max_clients": 1000,
   "passive_transfer_port_range": {
      "start": 50000,
      "end": 65534
   },
   "accesses": [
      {
         "user": "test",
         "pass": "test",
         "fs": "os",
         "params": {
            "basePath": "/home/work/ftpserver/ftp"
         }
      }
   ]
}
  1. use any ftp client to connect to ftpserver , login in
  2. send get/put command, then command execution fails, the log prints the follow message
level=debug ts=2022-08-26T04:21:29.886763146Z caller=server.go:295 component=server clientId=1 clientIp=x.x.x.x:62900 event="Client connected"
level=info ts=2022-08-26T04:21:29.886882034Z caller=server.go:90 component=driver clientId=1 remoteAddr=x.x.x.x:62900 nbClients=1 event="Client connected"
level=warn ts=2022-08-26T04:21:29.890954195Z caller=client_handler.go:585 component=server clientId=1 error="could not establish active connection: dial tcp :20->x.x.x.x:62921: protocol not available" event="Unable to open transfer"
level=info ts=2022-08-26T04:21:30.239068319Z caller=server.go:111 component=driver clientId=1 remoteAddr=x.x.x.x:62900 nbClients=0 event="Client disconnected"
level=debug ts=2022-08-26T04:21:30.239121523Z caller=server.go:300 component=server clientId=1 clientIp=x.x.x.x:62900 event="Client disconnected"

hhhyang avatar Sep 12 '22 02:09 hhhyang

Hi @hhhyang,

This looks like a low-level security measure enforced on your system side. I guess that on your OS initiating TCP connections on a port below 1024 is forbidden for non-root users. But it's a wild guess.

I can create a version of the server that allows disabling this behavior. The library already supports it.

fclairamb avatar Sep 17 '22 21:09 fclairamb

@fclairamb thanks for your answer. but i have some more questions:

1、what is your test linux kernel version ? is it also 2.6.32 ? I tested it on some linux machine with version 2.6.32 and version more than 3.10, i found that machines with version 2.6.32 all had this problem, machines with version more than 3.10 worked successfully.

2、the user initiating TCP connections is the connecting ftp client user or the user starting the program ? I start ftpserver using root user

hhhyang avatar Sep 18 '22 05:09 hhhyang

I tested ftpserver 0.12.1 and it works for me

CentOS release 6.7 (Final)
kernel: 2.6.32-573.el6.x86_64

drakkan avatar Oct 19 '22 17:10 drakkan