Yesterday I updated one of centos 6 servers and it also updated proftp from virtualmin repo. Proftp couldnt start after the update because of unknown VRootEngine directives, I fixed this by copying proftpd.conf.rpmnew to proftpd.conf and proftpd started working.
Now it appears that this new version of proftpd provided by Virtualmin is not compatible with centos 6 and users connections are timed out at MLSD ftp command. (No firewall on client or server side). I tried this link but it didn't work :
https://virtualmin.com/documentation/web/faq#FTP_Service_isn-t_working
there is no such module in centos 6 kernel ip_conntrack_ftp
I temporarily fixed this issue by downgrading proftp to v1.3.3 epel.
Here is the exact error that I see when using proftpd 1.3.5d-2.el6 virtualmin :
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing
however no errors happen when using proftpd 1.3.3g-10.el6 epel :
Command: MLSD
Response: 150 Opening ASCII mode data connection for MLSD
Response: 226 Transfer complete
both using /etc/proftpd.conf provided by 1.3.5d-2.el6 virtualmin package.
Comments
Submitted by andreychek on Wed, 05/24/2017 - 08:52 Comment #1
Hmm, can you try loading the module named "nf_conntrack_ftp"?
After doing that, does the new ProFTPd package work for you?
The module is already loaded:
[root@sv ~]# lsmod | grep -i nf_conntrack_ftpnf_conntrack_ftp 12049 1 nf_nat_ftp
nf_conntrack 79537 11 xt_connlimit,nf_conntrack_ipv6,xt_state,nf_nat_ftp,nf_conntrack_ftp,nf_conntrack_netlink,xt_conntrack,ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4
and it does not work yet, still the same MLSD connection timeout issue when using proftpd 1.3.5d-2.el6 virtualmin package.