Enable ftp port

sai_2507 · April 24, 2012, 1:20am

Hi Experts,

Need your help in enabling the ftp port in HP-UX box.

Is there any command/config file that needs to be changed?

Also is it possible to open it only for few selected IPs only?

haczyk · April 24, 2012, 6:16am

I think on hpu-ux there is ipfilter:
source

Currently I dont have access to hpux, but here example commands

vbe · April 25, 2012, 4:13am

Very first thing: Is it commented out in /etc/inetd.conf ? (Here uncommented...)

#       ARPA/Berkeley services
#
##
ftp          stream tcp nowait root /usr/lbin/ftpd      ftpd -l
telnet       stream tcp nowait root /usr/lbin/telnetd  telnetd
#
.

sai_2507 · April 25, 2012, 4:16am

Hi Vbe

Thanks for the reply

No it is not not commented as shown in below code.

 
$ more /etc/inetd.conf |grep ftp
ftp          stream tcp nowait root /usr/lbin/ftpd      ftpd -l -a -u 002
# Before uncommenting the "tftp" entry below, please make sure
# that you have a "tftp" user in /etc/passwd. If you don't
# have one, please consult the tftpd(1M) manual entry for
$

methyl · April 25, 2012, 6:51am

You have the -a switch set in ftpd which enables the ftpaccess file. See man 4 ftpaccess .

What is your actual problem? What computer Operating System are you trying to run the ftp client on? What have you tried, and what happens?

vbe · April 25, 2012, 8:17am

Do you have a /var/adm/inetd.sec file? I no, now worries if yes, what is the content?

sai_2507 · April 25, 2012, 10:26pm

Hi Vbe,

No,/var/adm/inetd.sec is not installed.

Hi Methyl,

My actual problem is I want to enable ftp in one of HP-UX box.
I wanted to know the steps required for the same, i.e if I need to change any config file to enable ftp service or open the port to which ftp listens.

Moreover in future we want to restrict the ftp acces to few IPs only.

Thanks to both of u for reply.

vbe · April 26, 2012, 4:37am

The simplest would be to use inetd.sec

# @(#)B.11.11_LRinetd.sec $Revision: 1.10.214.1 $ $Date: 96/10/08 13:20:06 $
#
#
# The lines in the file contain a service name, permission field and
# the Internet addresses or names of the hosts and/or networks 
# allowed to use that service in the local machine.
# The form for each entry in this file is:
#
# <service name>   <allow/deny>  <host/network addresses, host/network names>
#
# For example:
# 
# login         allow   10.3-5 192.34.56.5 ahost anetwork
#
# The above entry allows the following hosts to attempt to access your system 
# using rlogin: 
#               hosts in subnets 3 through 5 in network 10, 
#               the host with Internet Address of 192.34.56.5,
#               the host by the name of "ahost",
#               all the hosts in the network "anetwork"
#
# mountd      deny    192.23.4.3
#
# The mountd entry  denies host  192.23.4.3  access to the NFS  rpc.mountd
# server.
#
# Hosts and network names must be official names, not aliases.
# See the inetd.sec(4) manual page for more information.
dtspc   allow   127.0.0.1       loopback 
shell   deny    0.0.*
ftp     allow    host1 host2 host3
#etc...

sai_2507 · April 26, 2012, 10:26pm

Hi vbe,

Thanks for the reply.

However file /var/adm/inetd.sec is not available on my HP-UX box.

Can I manually create the file using above mentioned format?

Do I need to restart the inted daemon after creating the file?

vbe · April 27, 2012, 7:36am

It is an optional file, in other words you have to create one that is why I gave you an extract to copy if needed...
Yes after you force inetd to to read the configs by typing:

inetd -c