Issue
On the server with Imunify360 and WHM/cPanel an already running FTP file transfer using the Softaculous import feature is interrupted randomly. In the logs, the following may be captured:
Mar 16 21:10:55 srv kernel: nf_ct_ftp: dropping packet: partial matching of `227 '
IN= OUT= SRC=1.2.3.4 DST=5.6.7.8 LEN=53 TOS=0x10 PREC=0x00 TTL=64 ID=34665 DF PROTO=TCP
SPT=21 DPT=38604 SEQ=3038564760 ACK=2531387923 WINDOW=29200 RES=0x00 ACK PSH FIN URGP=0
Environment
- Imunify360
- pure-ftpd
- Softaculous
- WHM/cPanel
- Any supported OS
Solution
It is highly probable that the problem may be related to port availability when running FTP in passive mode. It is necessary to make sure that the port range for FTP operation is open in the firewall settings, that it is not used by any other service on the server.
- It is necessary to check that the port range required for passive FTP mode was opened in the CSF settings (if it is installed on the server).
- It is necessary to check that the port range required for passive FTP mode was opened in Imunify360, in case the mode "All close, except specified" is used.
- It is worth checking whether there is a firewall running in front of the server (cloud firewall provided by the hoster, for example).
Additional measures for troubleshooting. The following commands can be used to investigate and troubleshoot the problem:
# echo "PassivePortRange: 35817 52199" >> /var/cpanel/conf/pureftpd/local
# /usr/local/cpanel/scripts/setupftpserver pure-ftpd --force
# echo '52220-52239' > /proc/sys/net/ipv4/ip_local_reserved_ports
# systemctl restart pure-ftpd
# systemctl restart imunify360
Also, if the server is running with an old kernel, and the previous steps have not helped, it is possible to try to update the kernel and boot the server with it.
Useful links
Comments
0 comments
Please sign in to leave a comment.