Ubuntu 10.04: OpenVZ Kernel and pure-ftpd issues on HOST (no guest setup yet)

Posted by Seidr on Server Fault
Published on 2010-11-11T08:49:50Z Indexed on 2012/06/08 4:42 UTC

After compiling and installing the OpenVZ flavour of kernel under Ubuntu 10.04, I am unable to browse to certain directories when connecting to the pure-ftpd server.

The clients are dropping into PASSIVE mode, which is fine. This behaviour was happening before the change of kernel; however, now when I browse to certain directories the connection just gets dropped. This only happens with a few directories under one login (web in specific), whereas with another login it happens as soon as I connect.

I've got the nf_conntrack_ftp kernel module installed (required to keep track of passive FTP connections as I understand, and an alias of the ip_conntrack_ftp module), however this has provided no alleviation of my problem. This module was actually required upon initial setup of my OS to get passive FTP working correctly, however when I compiled the OpenVZ kernel a lot of these modules were missing (iptables, conntrack etc). I recompiled the kernel with the missing modules, but to no effect.

I've turned verbosity for the pure-ftpd server up, and still no clues have been spotted in either syslog or the transfer log. Neither did an strace provide any clues (that I could discern anyway) - although one strange thing is that both in the output to the client and in the strace I notice that it does in fact probe the directory and return the number of matches - it just fails after that.

One more thing to mention is that if I FTP using the same credentials locally, everything works fine. This suggests that it is in fact an issue with either the conntrack_ftp module not functioning as expected, or a deeper networking issue.

The Kernel was compiled and installed following the instructions at https://help.ubuntu.com/community/OpenVZ - bar the changes to the Kernel configuration (such as adding iptables as a module).

Below is an example of the log sent to the data (under FileZilla).

Status: Resolving address of xxxx.co.uk
Status: Connecting to 78.46.xxx.xxx:21...
Status: Connection established, waiting for welcome message...
Response:   220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response:   220-You are user number 4 of 10 allowed.
Response:   220-Local time is now 08:52. Server port: 21.
Response:   220-This is a private system - No anonymous login
Response:   220-IPv6 connections are also welcome on this server.
Response:   220 You will be disconnected after 15 minutes of inactivity.
Command:    USER xxx
Response:   331 User xxx OK. Password required
Command:    PASS ********
Response:   230-User xxx has group access to:  client1    sshusers  
Response:   230 OK. Current restricted directory is /
Command:    OPTS UTF8 ON
Response:   200 OK, UTF-8 enabled
Status: Connected
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/" is your current location
Status: Directory listing successful
Status: Retrieving directory listing...
Command:    CWD /web
Response:   250 OK. Current directory is /web
Command:    TYPE I
Response:   200 TYPE is now 8-bit binary
Command:    PORT 10,0,2,30,14,143
Response:   500 I won't open a connection to 10.0.2.30 (only to 188.220.xxx.xxx)
Command:    PASV
Response:   227 Entering Passive Mode (78,46,79,147,234,110)
Command:    MLSD
Response:   150 Accepted data connection
Response:   226-ASCII
Response:   226-Options: -a -l 
Response:   226 57 matches total
Error:  Could not read from transfer socket: ECONNRESET - Connection reset by peer
Error:  Failed to retrieve directory listing

Any suggestions please? I'm willing to try anything!
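
Added example, not part of the original post: a small Python parser for a client-side log like the one above. It decodes the PORT and PASV address tuples into IP:port pairs and reports whether the reset arrived after the server's 226 reply. The function names are hypothetical and the sample lines are taken from the log in the post.

```python
import ipaddress
import re

# Constructed sample: lines taken from the FileZilla log quoted in the post.
SAMPLE_LOG = """\
Command:    PORT 10,0,2,30,14,143
Response:   500 I won't open a connection to 10.0.2.30 (only to 188.220.xxx.xxx)
Command:    PASV
Response:   227 Entering Passive Mode (78,46,79,147,234,110)
Response:   226 57 matches total
Error:  Could not read from transfer socket: ECONNRESET - Connection reset by peer
"""
TUPLE = re.compile(r"\b(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\b")

def decode_endpoint(text):
    """Decode an RFC 959 h1,h2,h3,h4,p1,p2 tuple into (ip, port), else None."""
    m = TUPLE.search(text)
    if not m:
        return None
    n = [int(x) for x in m.groups()]
    if max(n) > 255:
        return None
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def analyse(log):
    """Summarise the data-channel negotiation seen in a client-side FTP log."""
    out = {"active": None, "active_private": False, "active_refused": False,
           "passive": None, "reset_after_226": False}
    last_cmd, seen_226 = "", False
    for line in log.splitlines():
        kind, _, body = line.partition(":")
        body = body.strip()
        if kind == "Command" and body:
            last_cmd = body.split()[0].upper()
            if last_cmd == "PORT":
                out["active"] = decode_endpoint(body)
                if out["active"]:
                    ip = ipaddress.ip_address(out["active"][0])
                    out["active_private"] = ip.is_private
        elif kind == "Response":
            if last_cmd == "PORT" and body.startswith("5"):
                out["active_refused"] = True
            elif body.startswith("227"):
                out["passive"] = decode_endpoint(body)
            elif body.startswith("226"):
                seen_226 = True
        elif kind == "Error" and "ECONNRESET" in body:
            out["reset_after_226"] = seen_226
    return out
```

For the log above, the passive endpoint decodes to 78.46.79.147 port 60014, which is the inbound port the host firewall has to accept, either through an explicit passive-range rule or as a RELATED connection tracked by nf_conntrack_ftp.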

© Server Fault or respective owner
