For some reason couldn’t connect to vsftp from “out side”. Today something happened on new software and my workmate must go back to office. That’s a bad idea. But finally, I just solved and figured out why it’s happened. Just because of iptables problems.
In .conf file of vsftpd. There’re some configuration lines must be careful.
they are look like:
pasv_enable=YES pasv_min_port=xxxxx pasv_max_port=yyyyy
When you active PASV MODE. you MUST accept bits enter or exit via those ports. if not VSFTP will say illegal ports. or 500 error to you.
So. you should allow those ports in.
iptables -A INPUT -p tcp --dport xxxxx:yyyyy -j ACCEPT
Particular IP such as aaa.bbb.ccc.ddd
iptables -A INPUT -s aaa.bb.ccc.ddd -p tcp --dport xxxxx:yyyyy -j ACCEPT