Operation Systems

How to set Passive mode in ProFTPd on Red Hat like distributions

This article is going to show you how to set Passive mode in ProFTPd FTP server on Red Hat like distributions.
Note: Red Hat like distributions are Fedora Core and CentOS.

Firstly you will have to edit the ProFTPd configuration file. It’s location is: /etc/proftpd.conf. Use your favourite text editor to edit the file and put PassivePorts 60000 65000 between and .

For example if the file initially looks like this:

DefaultRoot     ~               psacln
AllowOverwrite          on

you have to put one more line “PassivePorts 60000 65000” without the quotes and it will become like this:

DefaultRoot     ~               psacln
AllowOverwrite          on
PassivePorts 60000 65000

Now you will need to restart the FTP server. In order to do so you will need to know how is the ProFTPd started. If it’s started as separate service you will have to restart it using this command:
service proftpd restart

However if the FTP server is started as part of xinetd you will need to restart the whole xinetd service using this command:
service xinetd restart

Now the Passive mode is set but if you have a firewall you will need to unblock the port range for passive mode in the firewall.
You will have to edit the /etc/sysconfig/iptables file and insert a rule unblocking these ports. For example I’ll show you the rule that I use:
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 60000:65000 -j ACCEPT

If you are using different way of setting up the firewall just copy an existing rule that unblocks some port and replace the port with the port range 60000:65000 as it is shown in the example above.
Once you have set the iptables configuration file /etc/sysconfig/iptables you will need to restart the firewall using the following command:
service iptables restart

Now you should have passive mode set for your FTP server.
Enjoy 😉

Leave a Reply