Moderator: Project members
-
emrrfc
- 504 Command not implemented
- Posts: 8
- Joined: 2018-09-24 15:37
- First name: Robert
- Last name: Chapie
421 Could not create socket
#1
Post
by emrrfc » 2018-09-24 16:06
Hello,
We are experiencing occasional 421 Could not create socket notices. This is causing some of our ftp jobs to fail and need to be resent. We are a low volume user, around 40 logins daily transferring 5 files. The files vary in size from 500K to 15-20 meg. The connections are spaced out through the day so they don’t all hit at once. We are using the current version 0.9.60.2. We are using passive mode without specifying a port range since everything is internal, no external connections to the internet, everything is open. Here is a sample of what we are seeing. I have changed the login and ip address. When the PASV command is issued is the could not create socket coming from my FTP server or the client? Should I define a port range for Filezilla to use?
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> 230 Logged on
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> CWD
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> 250 CWD successful. «/» is current directory.
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> TYPE I
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> 200 Type set to I
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> PASV
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> 421 Could not create socket.
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> QUIT
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> 221 Goodbye
(004272) 9/21/2018 8:45:21 AM — anyftp (11.200.10.245)> disconnected.
Thanks
Rob
-
boco
- Contributor
- Posts: 26614
- Joined: 2006-05-01 03:28
- Location: Germany
Re: 421 Could not create socket
#2
Post
by boco » 2018-09-24 17:30
We are using passive mode without specifying a port range since everything is internal, no external connections to the internet, everything is open.
Consider limiting the Passive range to 49152-65535, even if it is internal. The reason is that only the mentioned range is most probably unused (meant for temporary, ephemeral usage). All lower ports might at least be occupied partially by other services. When FileZilla tries to create a passive socket on such an occupied or blocked port, the result is the error 421 as you experienced.
Things to consider:
— Antivirus programs or other security software can block sockets. Sockets can also be occupied by other services.
— The error shown starts with a «4», thus it is of temporary nature. In such situations, your scripts should simply retry the transfer. Aborting the scrips is only correct in case of errors starting with «5» (permanent error).
When the PASV command is issued is the could not create socket coming from my FTP server or the client?
Lines starting with a response code always come from the server.
Btw. you don’t need to obfuscate internal IP addresses (starting with 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). These are not unique in any way and cannot be used for identification.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Please do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###
-
botg
- Site Admin
- Posts: 34952
- Joined: 2004-02-23 20:49
- First name: Tim
- Last name: Kosse
- Contact:
Re: 421 Could not create socket
#3
Post
by botg » 2018-09-24 18:51
Consider limiting the Passive range to 49152-65535, even if it is internal. The reason is that only the mentioned range is most probably unused (meant for temporary, ephemeral usage). All lower ports might at least be occupied partially by other services. When FileZilla tries to create a passive socket on such an occupied or blocked port, the result is the error 421 as you experienced.
That’s no longer necessary since version 0.9.51, since then if no range has been manually been configured, 49152 through 65535 is used.
FileZilla Server allocates ports in a manner that automatically prevents reuse of ports within the mandatory TIME_WAIT interval (see TCP RFCs). In case a port is selected that is already used by a program other than FileZilla Server, it retries up to 15 times to find an alternative before giving up.
-
emrrfc
- 504 Command not implemented
- Posts: 8
- Joined: 2018-09-24 15:37
- First name: Robert
- Last name: Chapie
Re: 421 Could not create socket
#5
Post
by emrrfc » 2018-09-25 14:26
Thanks for the replies. We are using Symantec Endpoint Protection. Can I put in an exclusion for ports 49152 through 65535?
-
botg
- Site Admin
- Posts: 34952
- Joined: 2004-02-23 20:49
- First name: Tim
- Last name: Kosse
- Contact:
Re: 421 Could not create socket
#6
Post
by botg » 2018-09-25 19:21
Worth a try.
-
emrrfc
- 504 Command not implemented
- Posts: 8
- Joined: 2018-09-24 15:37
- First name: Robert
- Last name: Chapie
Re: 421 Could not create socket
#7
Post
by emrrfc » 2019-01-18 16:23
I was able to get Symantec turned off and I am still getting random 421 Could not create socket errors. Next thing to try is putting in a custom port range of 52,000 to 53,000. My other thought is to go to a slightly older release. Any other suggestions?
Thanks
Rob
-
boco
- Contributor
- Posts: 26614
- Joined: 2006-05-01 03:28
- Location: Germany
Re: 421 Could not create socket
#8
Post
by boco » 2019-01-20 23:51
Older releases are not supported, so, we cannot recommend nor help with that.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Please do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###
-
emrrfc
- 504 Command not implemented
- Posts: 8
- Joined: 2018-09-24 15:37
- First name: Robert
- Last name: Chapie
Re: 421 Could not create socket
#9
Post
by emrrfc » 2019-01-31 16:00
Hi,
I’m going to close the loop on this issue. I disabled Symantec and I still received the 421 socket error. I then set the passive range to 52,000 — 53,000. No 421 socket errors for almost 2 weeks.
Rob
I’m installing through brew.
The error message(s):
When I call
postgres
I receive the error
LOG: could not bind IPv6 socket: Address already in use
HINT: Is another postmaster already running on port 5432? If not, wait a few seconds and retry.
LOG: could not bind IPv4 socket: Address already in use
HINT: Is another postmaster already running on port 5432? If not, wait a few seconds and retry.
LOG: could not bind IPv6 socket: Address already in use
HINT: Is another postmaster already running on port 5432? If not, wait a few seconds and retry.
WARNING: could not create listen socket for "localhost"
FATAL: could not create any TCP/IP sockets
Running
postgres -D /usr/local/var/postgres
Creates the same error
createdb
prompts me for my password twice, then says,
createdb: could not connect to database template1: FATAL: password authentication failed for user "thomasmurphy"
What I’ve tried
* Uninstalling and reinstalling the pg gem, uninstalling and reinstalling postgres
* Updating command line tools
* Satisying all of brew doctor’s needs
* editing pg_hba.conf’s permissions
* editing .bash_profile to be sure it includes the above directories
I have Postgres running perfectly on my work computer, also on Mavericks, so this strikes me as somewhat of an edge case. What other vectors can I poke at to try to solve this?
Cristik
30.7k25 gold badges91 silver badges127 bronze badges
asked Nov 25, 2013 at 16:35
Thomas MurphyThomas Murphy
1,3144 gold badges14 silver badges41 bronze badges
5
The error you got is because your host is broken. Check your /etc/hosts file.
Put 127.0.0.1 localhost at the first line of hosts.
elixir
7521 gold badge7 silver badges25 bronze badges
answered May 16, 2015 at 11:29
3
The errors you are getting are because PostgreSQL is running. How do I know? Because it is rejecting your password. That’s pretty clear.
Now your real problem is probably that you need to restart PostgreSQL after modifying the pg_hba.conf to give you trust access. Then you can:
ALTER USER foo WITH PASSWORD 'bar';
In terms of starting and restarting PostgreSQL, please see this question: How to start PostgreSQL server on Mac OS X?
answered Dec 13, 2013 at 13:36
Chris TraversChris Travers
25.2k6 gold badges63 silver badges181 bronze badges
1
Linux: Make sure that your loopback interface is up by running the ifconfig at the command line. If it’s not up, you can use /sbin/ifconfig lo 127.0.0.1 to bring it up.
answered Aug 16, 2017 at 17:32
kazoukazou
414 bronze badges
2
A machine reboot resolved the error for me.
answered Jun 11, 2021 at 2:23
user3405291user3405291
6,9396 gold badges62 silver badges140 bronze badges
1
It may not be that your /etc/hosts is broken. It could be something else breaking DNS lookup of localhost, even if the correct line is in /etc/hosts.
Check nslookup localhost and see if you get 127.0.0.1 as a result. Also check with getent hosts localhost. Check these also as the user Postgres runs as.
answered Dec 15, 2017 at 2:10
WildcardWildcard
1,2832 gold badges20 silver badges42 bronze badges
1
There are multiple scenarios and places to check in this case. Got lost once because of this.
A usual default hosts file should look like one below:
[root@localmachine ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
To confirm localhost is able to resolve, test using ping:
[root@localmachine ~]# ping localhost
Check cat /etc/nsswitch.conf|grep hosts and confirm files is there:
# hosts: files dns
# hosts: files dns # from user file
#hosts: db files nisplus nis dns
hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname
Check permissions of /etc/hosts file, it should be 644 ( readable for all processes/users` ):
[root@localmachine ~]# ls -al /etc/hosts
-rw-r--r--. 1 root root 240 Aug 14 08:04 /etc/hosts
For those who have enough time, I’ve created a detailed blog post here:
https://coffeewithbytes.com/blog/postgres-hostsfile-permissions/
I’ve mentioned how I checked and came to a conclusion.
answered Aug 16, 2019 at 2:58
AntoAnto
3,0081 gold badge18 silver badges20 bronze badges
Did you installed another version of Postgres previously? In my case, I was trying to execute:
sudo systemctl restart postgresql
that was incorrect!! finally I found the correct one is:
sudo systemctl restart postgresql-12
I had two versions of Postgres…
answered Jul 18, 2020 at 13:21
Could not create TCP/IP connection or could not connect to localhost
A TCP/IP reset helps solve the problem after a full day of several different techniques. It turned out that the problem was with my PC due to bad TCP/IP configuration.
I used the following commands to achieve the reset.
- Reset the Windows Socket Catalog (winsock). You could read more on winsock
netsh winsock reset catalog
- Reset the TCP/IP:
netsh int ip reset
You will then restart your PC/system so that the configuration reset can work.
If you couldn’t understand this, watch the video explanation on Landon Johnson’s channel
answered May 25, 2022 at 9:59
1
I know its quite an old issue but I wanted to post what worked for me first I ended every postgres task on task manager.
Secondly I purged and reinstalled postgressql again using these method below
First remove the installed postgres:
sudo apt-get purge postgr*
sudo apt-get autoremove
Then install ‘synaptic’:
sudo apt-get install synaptic
sudo apt-get update
Then install Postgres
sudo apt-get install postgresql postgresql-contrib
Wallah it works. Warning it may affect your other projects who may be running on port 5432.Beware.
answered Aug 29, 2021 at 17:13
1
-
-
Rox169
Member
- Posts: 347
- Joined: Sat Sep 04, 2021 1:47 am
wireguard1: Could not create IPv4 socket
Tue Mar 22, 2022 8:15 pm
Hi,
what does mean wireguard1: Could not create IPv4 socket?
Thank you
-
-
holvoetn
Forum Guru
- Posts: 2701
- Joined: Tue Apr 13, 2021 2:14 am
- Location: Belgium
Re: wireguard1: Could not create IPv4 socket
Tue Mar 22, 2022 8:21 pm
Are you using a port which is already been used by another service ?
-
-
Rox169
Member
- Posts: 347
- Joined: Sat Sep 04, 2021 1:47 am
Topic Author
Re: wireguard1: Could not create IPv4 socket
Tue Mar 22, 2022 8:29 pm
probably yes, im trying to find the non blockek port by ISP. Do you suggest any port?
Thank you
-
-
holvoetn
Forum Guru
- Posts: 2701
- Joined: Tue Apr 13, 2021 2:14 am
- Location: Belgium
Re: wireguard1: Could not create IPv4 socket
Tue Mar 22, 2022 8:33 pm
It’s not a blocked port. Because then nothing would happen
It is really a port already in use.
See what other ports you can use.
12321 is default Mikrotik in Help pages, I think.
Anything from 10000 to 65535 can be used.
But it needs to be open, as in: not used by anything else.
Obviously it needs to pass whatever firewall is in between…
Display posts from previous:
Sort by
Users browsing this forum: No registered users and 2 guests
Здравствуйте!
У меня на компе установлен Apache MySql а так же File Zilla Server
В настройках роутера открыл forwarding port-ы:
HTTP:80
HTTPS:443
FTP:21
И вбил внутренний IP: 192.168.1.4 который указан в свойствах моей сети IPv4
В Брандмауере создал правило для 80, 21, 433 протов TCP протокола
Запускаю Apache и File Zilla Server
File Zilla Server:
____________________________________________________________
FileZilla Server version 0.9.50 beta
Copyright 2001-2015 by Tim Kosse (tim.kosse@filezilla-project.org)
https://filezilla-project.org/
Connecting to server 127.0.0.1:14147…
Connected, waiting for authentication
Logged on
____________________________________________________________
Захожу по локальному адресу: http://localhost через браузер (без каких либо Proxy)
Страница серевера открывается, все отлично!
Пробую еще с 80-тым портом: http://localhost:80
Тоже все отлично работает!
теперь определяю свой внешний IP, через сервис 2ip
и теперь пробую перейти на веб страницу своего Web сервера через внешний IP — Все тоже отлично! страница открывается!
Запускаю Ftp клиент: File Zilla Ftp Client (Ранее я создал на FTP Server-e два пользователя, один анонимный второй обычный. В сервере прописан порт 21, максимальное кол. польз. неогр.,)
Захожу по FTP по локалке анонимно, по принципу ftp://localhost:21
FTP Client:
_________________________________________________
Статус: Определение IP-адреса для localhost
Статус: Соединяюсь с [::1]:21…
Статус: Соединение установлено, ожидание приглашения…
Статус: Небезопасный сервер, не поддерживает FTP через TLS.
Статус: Соединение установлено
Статус: Получение списка каталогов…
Статус: Список каталогов «/» извлечен
__________________________________________________
FTP Server:
__________________________________________________
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> Connected on port 21, sending welcome message…
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> 220-FileZilla Server version 0.9.50 beta
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> 220 Please visit https://filezilla-project.org/
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> AUTH TLS
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> 502 SSL/TLS authentication not allowed
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> AUTH SSL
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> 502 SSL/TLS authentication not allowed
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> USER anonymous
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> 331 Password required for anonymous
(000006)30.03.2015 18:33:51 — (not logged in) (::1)> PASS **************
(000006)30.03.2015 18:33:51 — anonymous (::1)> 230 Logged on
___________________________________________________
Все отлично работает!
Захожу теперь через внешний IP через клиент:
FTP Client:
___________________________________________________
Статус: Соединяюсь с XX.XX.XX.XX:21…
Статус: Соединение установлено, ожидание приглашения…
Статус: Небезопасный сервер, не поддерживает FTP через TLS.
Статус: Соединение установлено
Статус: Получение списка каталогов…
Команда: PWD
Ответ: 257 «/» is current directory.
Команда: TYPE I
Ответ: 200 Type set to I
Команда: PASV
Ответ: 421 Could not create socket, unable to query socket for used port.
Ошибка: Не удалось получить список каталогов
____________________________________________________
FTP Server:
____________________________________________________
(000010)30.03.2015 18:37:56 — (not logged in) (XX.XX.XX.XX)> Connected on port 21, sending welcome message…
(000010)30.03.2015 18:37:56 — (not logged in) (XX.XX.XX.XX)> 220-FileZilla Server version 0.9.50 beta
(000010)30.03.2015 18:37:56 — (not logged in) (XX.XX.XX.XX)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
(000010)30.03.2015 18:37:56 — (not logged in) (XX.XX.XX.XX)> 220 Please visit https://filezilla-project.org/
(000010)30.03.2015 18:37:56 — (not logged in) (XX.XX.XX.XX)> AUTH TLS
(000010)30.03.2015 18:37:56 — (not logged in) (XX.XX.XX.XX)> 502 SSL/TLS authentication not allowed
(000010)30.03.2015 18:37:56 — (not logged in) (XX.XX.XX.XX)> AUTH SSL
(000010)30.03.2015 18:37:56 — (not logged in) (XX.XX.XX.XX)> 502 SSL/TLS authentication not allowed
(000010)30.03.2015 18:37:57 — (not logged in) (XX.XX.XX.XX)> USER anonymous
(000010)30.03.2015 18:37:57 — (not logged in) (XX.XX.XX.XX)> 331 Password required for anonymous
(000010)30.03.2015 18:37:57 — (not logged in) (XX.XX.XX.XX)> PASS **************
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> 230 Logged on
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> CWD /
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> 250 CWD successful. «/» is current directory.
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> PWD
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> 257 «/» is current directory.
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> TYPE I
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> 200 Type set to I
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> PASV
(000010)30.03.2015 18:37:57 — anonymous (XX.XX.XX.XX)> 421 Could not create socket, unable to query socket for used port.
____________________________________________________
Почему по внешнему IP я немогу попасть на FTP сервер?
Прослушал порты 80 и 21 с 2ip и приложения PFPortChecker, все работает, порты открыты
В чем же может быть проблема? Помогите плиз
Пробовал отключать Брандмауэр, но никако разницы…
Добавлено через 1 час 6 минут
Проблема была решена после удаления программы WideCap — Proxy Socket 5
-
-
March 12 2007, 19:43
Postgres не стартует =(
в логи пишет:
LOG: не получилось создать сокет IPv6: Семейство адресов не поддерживается протоколом
WARNING: could not create listen socket for «localhost»
FATAL: could not create any TCP/IP sockets
Куда копать не знаю =(
fedora 6
postgresql-8.2.1-1PGDG.i686