audric
10-05-2011, 01:07 AM
I have 2 dedicated servers. Each runs the same configuration: a Debian host OS and a Debian guest OS (virtual machine). Both are set up so that host port 10021 is forwarded to guest port 21. I changed IPs and names in the following log so that my 1st is 1.2.3.4.com (user1234, guest vm ip 192.168.12.11) and my 2nd is 5.6.7.8 (user5678, guest vm ip 192.168.56.11).
What am I doing wrong, please?
Summary :
Box 1 :
PI public ip : 1.2.3.4
HI host ip : 192.168.12.1
VI vm ip : 192.168.12.11
Net flow comes PI:10021 (or 20 or 50000-60000 ports range) and goes to VI:21 (or 20 or 50000-60000 ports range) through HI.
Box 2 :
PI public ip : 5.6.7.8
HI host ip : 192.168.56.1
VI vm ip : 192.168.56.11
Net flow comes PI:10021 (or 20 or 50000-60000 ports range) and goes to VI:21 (or 20 or 50000-60000 ports range) through HI.
I think I allowed all TCP connections between box1 and box2 on either side.
[07:24:39] [L] Connecting to 1234.com -> DNS=1234.com IP=1.2.3.4 PORT=10021
[07:24:39] [L] Connected to 1234.com
[07:24:39] [L] 220 Welcome to my VerySecureFTPD
[07:24:39] [L] AUTH TLS
[07:24:39] [L] 234 Proceed with negotiation.
[07:24:39] [L] Connected. Negotiating TLSv1 session
[07:24:39] [L] TLSv1 negotiation successful...
[07:24:39] [L] TLSv1 encrypted session using cipher DES-CBC3-SHA (168 bits)
[07:24:39] [L] PBSZ 0
[07:24:39] [L] 200 PBSZ set to 0.
[07:24:39] [L] USER user1234
[07:24:39] [L] 331 Please specify the password.
[07:24:39] [L] PASS (hidden)
[07:24:39] [L] 230 Login successful.
[07:24:39] [L] SYST
[07:24:39] [L] 215 UNIX Type: L8
[07:24:39] [L] FEAT
[07:24:39] [L] 211-Features:
[07:24:39] [L] AUTH SSL
[07:24:39] [L] AUTH TLS
[07:24:39] [L] EPRT
[07:24:39] [L] EPSV
[07:24:39] [L] MDTM
[07:24:39] [L] PASV
[07:24:39] [L] PBSZ
[07:24:39] [L] PROT
[07:24:39] [L] REST STREAM
[07:24:39] [L] SIZE
[07:24:39] [L] TVFS
[07:24:39] [L] UTF8
[07:24:39] [L] 211 End
[07:24:39] [L] PWD
[07:24:39] [L] 257 "/"
[07:25:04] [R] Connecting to 5678.com -> DNS=5678.com IP=5.6.7.8 PORT=10021
[07:25:04] [R] Connected to 5678.com
[07:25:04] [R] 220 Welcome to my VerySecureFTPD
[07:25:04] [R] AUTH TLS
[07:25:04] [R] 234 Proceed with negotiation.
[07:25:04] [R] Connected. Negotiating TLSv1 session
[07:25:04] [R] TLSv1 negotiation successful...
[07:25:04] [R] TLSv1 encrypted session using cipher DES-CBC3-SHA (168 bits)
[07:25:04] [R] PBSZ 0
[07:25:05] [R] 200 PBSZ set to 0.
[07:25:05] [R] USER user5678
[07:25:05] [R] 331 Please specify the password.
[07:25:05] [R] PASS (hidden)
[07:25:05] [R] 230 Login successful.
[07:25:05] [R] SYST
[07:25:05] [R] 215 UNIX Type: L8
[07:25:05] [R] FEAT
[07:25:05] [R] 211-Features:
[07:25:05] [R] AUTH SSL
[07:25:05] [R] AUTH TLS
[07:25:05] [R] EPRT
[07:25:05] [R] EPSV
[07:25:05] [R] MDTM
[07:25:05] [R] PASV
[07:25:05] [R] PBSZ
[07:25:05] [R] PROT
[07:25:05] [R] REST STREAM
[07:25:05] [R] SIZE
[07:25:05] [R] TVFS
[07:25:05] [R] UTF8
[07:25:05] [R] 211 End
[07:25:05] [R] PWD
[07:25:05] [R] 257 "/"
[07:25:15] [L] CWD /admin
[07:25:15] [L] 250 Directory successfully changed.
[07:25:15] [L] PWD
[07:25:15] [L] 257 "/admin"
[07:25:15] [L] TYPE A
[07:25:15] [L] 200 Switching to ASCII mode.
[07:25:15] [L] SIZE phpinfo.php
[07:25:15] [L] 213 21
[07:25:15] [L] MDTM phpinfo.php
[07:25:15] [L] 213 20081212190451
[07:25:15] [R] TYPE A
[07:25:15] [R] 200 Switching to ASCII mode.
[07:25:15] [R] SIZE phpinfo.php
[07:25:15] [R] 550 Could not get file size.
[07:25:15] [R] PROT P
[07:25:15] [R] 200 PROT now Private.
[07:25:15] [L] PROT P
[07:25:16] [L] 200 PROT now Private.
[07:25:16] [L] CPSV
[07:25:16] [L] 500 Unknown command.
[07:25:16] [L] SSCN ON
[07:25:16] [L] 500 Unknown command.
[07:25:16] [L] PASV
[07:25:16] [L] 227 Entering Passive Mode (192,168,12,11,218,129).
[07:25:16] [R] PORT 192,168,12,11,218,129
[07:25:16] [R] 200 PORT command successful. Consider using PASV.
[07:25:16] [R] STOR phpinfo.php
[07:25:16] [R] 553 Could not create file.
[07:25:16] [R] Transfer Failed!
[07:25:16] [L] PASV
[07:25:16] [L] 227 Entering Passive Mode (192,168,12,11,218,152).
[07:25:16] [L] Opening data connection IP: 1.2.3.4 PORT: 55960
[07:25:16] [L] LIST -al
[07:25:16] [L] Connected. Negotiating TLSv1 session
[07:25:16] [L] TLSv1 negotiation successful...
[07:25:16] [L] TLSv1 encrypted session using cipher DES-CBC3-SHA (168 bits)
[07:25:16] [L] 150 Here comes the directory listing.
[07:25:16] [L] 226 Directory send OK.
[07:25:16] [L] List Complete: 313 bytes in 0,36 seconds (0,3 KB/s)
[07:25:16] [R] PASV
[07:25:16] [R] 227 Entering Passive Mode (192,168,56,11,197,199).
[07:25:16] [R] Opening data connection IP: 5.6.7.8 PORT: 55631
[07:25:16] [R] LIST -al
[07:25:16] [R] Connected. Negotiating TLSv1 session
[07:25:16] [R] TLSv1 negotiation successful...
[07:25:16] [R] TLSv1 encrypted session using cipher DES-CBC3-SHA (168 bits)
[07:25:16] [R] 150 Here comes the directory listing.
[07:25:16] [R] 226 Directory send OK.
[07:25:16] [R] List Complete: 245 bytes in 0,38 seconds (0,2 KB/s)
[07:25:16] Transfer queue completed
[07:25:16] Transferred 0 Files (0 bytes) in 1 seconds (0,0 KB/s)
[07:25:16] 1 File Failed
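Added example, not part of the original post: a Python check over lines taken from the log above. It decodes the h1,h2,h3,h4,p1,p2 argument of 227 replies and PORT commands and flags a private address on a session whose control connection went to a public IP. The function names and result fields are assumptions made for this example.

```python
import ipaddress
import re

# Sample input: lines copied from the client log in the post above.
SAMPLE_LOG = """\
[07:24:39] [L] Connecting to 1234.com -> DNS=1234.com IP=1.2.3.4 PORT=10021
[07:25:04] [R] Connecting to 5678.com -> DNS=5678.com IP=5.6.7.8 PORT=10021
[07:25:16] [L] PASV
[07:25:16] [L] 227 Entering Passive Mode (192,168,12,11,218,129).
[07:25:16] [R] PORT 192,168,12,11,218,129
[07:25:16] [R] 200 PORT command successful. Consider using PASV.
"""

LINE = re.compile(r"^\[[\d:]+\] \[([LR])\] (.*)$")
CONNECT = re.compile(r"IP=(\S+) PORT=(\d+)")
HOSTPORT = re.compile(r"(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")

def decode_hostport(text):
    """Turn 'h1,h2,h3,h4,p1,p2' into (dotted host, p1*256 + p2), or None."""
    m = HOSTPORT.search(text)
    if not m:
        return None
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        return None
    return ".".join(str(v) for v in n[:4]), n[4] * 256 + n[5]

def analyse(log):
    """Return one finding per 227 reply or PORT command in the log."""
    control, findings = {}, []
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        side, msg = m.groups()
        c = CONNECT.search(msg)
        if c:  # remember which IP this side's control connection used
            control[side] = c.group(1)
            continue
        kind = ("PASV reply" if msg.startswith("227 ")
                else "PORT command" if msg.startswith("PORT ") else None)
        hp = decode_hostport(msg) if kind else None
        if hp is None:
            continue
        host, port = hp
        ctrl = control.get(side)
        private = ipaddress.ip_address(host).is_private
        public_ctrl = ctrl is not None and not ipaddress.ip_address(ctrl).is_private
        findings.append({"side": side, "kind": kind, "host": host, "port": port,
                         "control_ip": ctrl, "private_behind_public": private and public_ctrl})
    return findings
```
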