Passive connections in ProFTPD

Q. I have installed ProFTPD ftp server but some of my clients cannot be connected to my site since they are behind a proxy or firewall. What can I do about it?

A. passive ftp connections are very common when set behind a proxy or firewall. In a passive ftp connection, the client sends the PASV command to the server and is the server who selects a port at random and sends it to the client. We must configure directive PassivePorts in ProFTPD.


Open the ProFTPD configuration file

vim /etc/proftpd.conf

Add the directive

PassivePorts 62000 64000

Save changes in VIM

Esc  :x

Restart ProFTPD

# service restart proftpd

Then we add the following rule to our Firewall (iptables)

# iptables -A INPUT -p TCP -s 0/0 --destination-port 62000:64000 -j ACCEPT

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.