So I am a little confused. We have a bunch of soil moisture stations that submit data to our server via ftp. We can not change this to sftp, or ftps, good old plain ftp :/
I have setup a fresh install of Ubuntu 18.04. I have also installed proftpd and I can successfully connect to the server via FileZilla under both passive and active modes. I have enabled port 21 and a range for passive ports (49152-65534) that are set in the config of proftpd, as well as enabling these in Google VPC Firewall rules.
All seems well.. accept when a station attempts to connect to the server. I get the note stating that a station has connected, but then it fails when attempting to run in passive mode. The fail note is 'Hostname was not found'
I have tried turning off UseReverseDNS
but this seems to do nothing what so ever.
I should also note that we have Proftpd setup and working on an older VPS setup outside of GCP. That is working with no issues, with the same config.
Here is the full log from the station that is attempting to connect
Re-using existing connection! (#0) with host xx.xx.xx.xx
Connected to xx.xx.xx.xx (xx.xx.xx.xx) port 21 (#0)
Request has same path as previous transfer
PASV^M
Connect data stream passively
ftp_perform ends with SECONDARY: 0
227 Entering Passive Mode (10,152,0,20,232,150).^M
Hostname was NOT found in DNS cache
Trying 10.152.0.20...
Connecting to 10.152.0.20 (xx.xx.xx.xx) port 59542
And then the logs from the server running proftpd
[05/Jun/2019:06:07:17 +0000] "PASS (hidden)" 230 -
[05/Jun/2019:06:07:17 +0000] "PWD" 257 -
[05/Jun/2019:06:07:17 +0000] "CWD incoming" 250 -
[05/Jun/2019:06:07:17 +0000] "PASV" 227 -
You can see that it is connecting and able to change into the correct directory, but that is when it fails.
Has anyone come across this or something similar to this before? I am wondering if it has to do with the way Google sets the hostname.
Edit: Note re other vps, port ranges
Ok so to answer this question if anyone does come across it.
In proftpd.conf
I uncommented MasqueradeAddress
and set the IP address to match the server's static IP address; IE MasqueradeAddress xx.xx.xx.xx
where xx.xx.xx.xx
is the static IP of the given server.
I also created my own config and placed this in conf.d
with the following
UseReverseDNS off
IdentLookups off
Without disabling the UseReverseDNS
and IndentLookups
the connection was timing out and the stations where not able to upload.
More information if you are interested