FTP Errors on CentOS

February 5, 2015 The Geek Decoder No Comments FTP

AI_NODATA – No address associated with nodename error in your FTP client. Sometimes an EAI_NODATA error is also related to either a EHOSTUNREACH error, or an ECONNABORTED error as well.

Command: MLSDError: Connection timed outError: Failed to retrieve directory listing

Status: Waiting to retry…Status: Disconnected from serverStatus: Resolving address of robertlacylv.comStatus: Connection attempt failed with “EAI_NODATA – No address associated with nodename”.Error: Could not connect to server.

Check iptables:

Make sure firewall is not blocking your access

Run following command to see what iptables rules are setup:


# /sbin/iptables -L -n


# Generated by iptables-save v1.4.7 on Wed Feb  4 23:44:12 2015
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [88:48078]
:acctboth - [0:0]
:cP-Firewall-1-INPUT - [0:0]
-A INPUT -j cP-Firewall-1-INPUT
-A INPUT -j acctboth
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j cP-Firewall-1-INPUT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -j acctboth
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2082 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2078 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2077 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 26 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2086 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2087 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2095 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2096 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2083 -j ACCEPT
-A cP-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
COMMIT

Add the passive port range:

-A INPUT -p tcp -m tcp --dport 30000:50000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 30000:50000

Restart ftp on cpanel

# /usr/local/cpanel/scripts/restartsrv_ftpserver

You can temporary clear all iptables rules so that you can troubleshoot problem. If you are using Red Hat or Fedora Linux type command:


# /etc/init.d/iptables save
# /etc/init.d/iptables stop

If you are using other Linux distribution type following commands:


# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X

Source: https://documentation.cpanel.net/display/CKB/How+to+Enable+FTP+Passive+Mode#HowtoEnableFTPPassiveMode-HowdoIenablethepassiveportrangeforPure-FTPd?

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.