Test FTP Access Remotely on CentOS

This section provides a tutorial example on how to update firewall on the vsftpd server (and its firewall gateway if it is served in the cloud) to open ports 21 and 30000-31000 for inbound connections.

To allow users to upload and download files remotely, I need to open the firewall to allow users to upload and download files remotely using the vsftpd server on my CentOS computer.

1. Find the active zone of the firewall:

herong$ sudo firewall-cmd --get-active-zones

public
  interfaces: eno1

2. Add predefined "ftp" settings in the active zone "public" to receive incoming FTP connections.

herong$ sudo firewall-cmd --zone=public --add-service=ftp
success

3. Open a range of ports in the active zone to receive incoming FTP passive connections.

herong$ sudo firewall-cmd --zone=public --add-port=30000-31000/tcp
success

4. List all settings in the active zone "public":

herong$ sudo firewall-cmd --zone=public --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno1
  sources:
  services: cockpit dhcpv6-client ftp http ssh
  ports: 80/tcp 3306/tcp 30000-31000/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  ...

5. Persist firewall changes to configuration files.

herong$ sudo firewall-cmd --runtime-to-permanent

6. Verify remote access by running an FTP client program on another computer on the same network, assuming that 192.168.1.3 is the IP address of vsftpd server computer.

herong$ ftp 192.168.1.3
Connected to 192.168.1.3.
220 (vsFTPd 3.0.3)
Name (192.168.1.3:herong): herong
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.

ftp> dir
229 Entering Extended Passive Mode (|||30445|)
150 Here comes the directory listing.
drwxr-xr-x    2 1000     1000           22 Jul 11 10:03 files
226 Directory send OK.

ftp> cd files
250 Directory successfully changed.

ftp> dir
229 Entering Extended Passive Mode (|||30768|)
150 Here comes the directory listing.
-rw-r--r--    1 1000     1000          637 Jul 11 10:03 test.txt
226 Directory send OK.

ftp> get test.txt
local: test.txt remote: test.txt
229 Entering Extended Passive Mode (|||30673|)
150 Opening BINARY mode data connection for test.txt (637 bytes).
100% |*********************************|   637    3.41 MiB/s    00:00 ETA
226 Transfer complete.
637 bytes received in 00:00 (1.08 MiB/s)

ftp> exit
221 Goodbye.

Very good. Remote FTP access is ready!

Note that if your server provided by an service provider in the cloud, you need open port 21 and 30000-31000 for inbound connections on the firewall gateway that protects your server.

Table of Contents

 About This Book

 Introduction to Linux Systems

 Cockpit - Web Portal for Administrator

 Process Management

 Memory Management

 Files and Directories

 Users and Groups

 File Systems

 Block Devices and Partitions

 LVM (Logical Volume Manager)

 Installing CentOS

 SELinux - Security-Enhanced Linux

 Network Connection on CentOS

 Internet Networking Tools

 SSH Protocol and ssh/scp Commands

 Software Package Manager on CentOS - DNF and YUM

vsftpd - Very Secure FTP Daemon

 Install vsftpd on CentOS

 vsftpd Server Configuration

 Setup FTP Sub-Directory for Local Users

 Test FTP Access Locally on CentOS

Test FTP Access Remotely on CentOS

 Support FTP Over TLS on CentOS

 Disable SSH Access for FTP Users

 LDAP (Lightweight Directory Access Protocol)

 Administrative Tasks

 References

 Full Version in PDF/EPUB