Debian FTP server hangs on list

Posted March 30th, 2009 in Linux/Unix/BSD

I've recently moved from a CentOS web server to Debian and was able to succesfully use an iptables firewall script that I'd used on CentOS previously, but as with an earlier experience with CentOS my firewall settings were preventing directory listings etc when connecting to an FTP server (VSFTPD in my case). This post looks at the change that is needed to get FTP access working correctly through the firewall on Debian to prevent the FTP connection from hanging.

When I tried to connect to the FTP server it hung on the LIST command when getting a directory listing. I had this issue when using both a Linux command line FTP client and also a Windows GUI FTP client whether using passive FTP or not.

To enable the FTP connections through the firewall on Debian (and Debian derived distros such as Ubuntu etc) run the following command either as the root user or using sudo:

modprobe ip_conntrack_ftp

This should fix the issue where the connection hangs and you should now be able to get a directory listing and transfer files etc.

On reboot, the module will not be loaded so you'll be back to the same issue. To make the module load the next time the server reboots add the following line to /etc/modules: