I'm having weirdo ftp problems with an ftp server. Whenever the
client tries connecting tot he server there's a MASSIVE freeze
and the connection either times out or then presents a login
prompt. Needless to say this is annoying :) but I cannot find
what the problem is and it's gotten to the stage where it's a bit
above my head.
Below I'll include the tcp dumps I've gotten of his connection
and the relevant section of the proftpd conf. If you need more
info please holler and I'll jump right on it.
Unfortunately I cannot reveal the IPs involved. BLEH.
# cat tcp_sack
1
# cat tcp_timestamps
1
(note that last time I tried this with 0 values in both it still
happened)
# tcpdump -i eth0 host ftp.badftpsite.com.au
14:05:46.004462 sourceipaddress.1040 > ftp.badftpsite.com.au.ftp: S 378189:378189(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:05:46.004506 ftp.badftpsite.com.au.ftp > sourceipaddress.1040: S 507311949:507311949(0) ack 378190 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:05:46.037936 sourceipaddress.1040 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:06:46.537071 sourceipaddress.1040 > ftp.badftpsite.com.au.ftp: R 378190:378190(0) win 0 (DF)
<CLOSED>
14:07:09.053138 sourceipaddress.1042 > ftp.badftpsite.com.au.ftp: S 461253:461253(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:07:09.053183 ftp.badftpsite.com.au.ftp > sourceipaddress.1042: S 601986123:601986123(0) ack 461254 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:07:09.085320 sourceipaddress.1042 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:08:09.581277 sourceipaddress.1042 > ftp.badftpsite.com.au.ftp: R 461254:461254(0) win 0 (DF)
<CLOSED>
14:11:14.362430 sourceipaddress.1078 > ftp.badftpsite.com.au.ftp: S 706609:706609(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:11:14.362473 ftp.badftpsite.com.au.ftp > sourceipaddress.1078: S 848884529:848884529(0) ack 706610 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:11:14.393146 sourceipaddress.1078 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
14:11:14.416418 ftp.badftpsite.com.au.ftp > sourceipaddress.1078: P 1:74(73) ack 1 win 32120 (DF)
14:11:14.631087 sourceipaddress.1078 > ftp.badftpsite.com.au.ftp: . ack 74 win 8687 (DF)
<GAVE PROMPT>
14:11:31.503330 sourceipaddress.1100 > ftp.badftpsite.com.au.ftp: S 723752:723752(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:11:31.503383 ftp.badftpsite.com.au.ftp > sourceipaddress.1100: S 884483973:884483973(0) ack 723753 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:11:31.542779 sourceipaddress.1100 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:12:32.121054 sourceipaddress.1100 > ftp.badftpsite.com.au.ftp: R 723753:723753(0) win 0 (DF)
<CLOSE>
14:12:43.497488 sourceipaddress.1145 > ftp.badftpsite.com.au.ftp: S 795762:795762(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:12:43.497535 ftp.badftpsite.com.au.ftp > sourceipaddress.1145: S 953020364:953020364(0) ack 795763 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:12:43.529914 sourceipaddress.1145 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:13:44.029238 sourceipaddress.1145 > ftp.badftpsite.com.au.ftp: R 795763:795763(0) win 0 (DF)
<CLOSE>
14:16:26.343383 sourceipaddress.1153 > ftp.badftpsite.com.au.ftp: R 984220:984220(0) win 0 (DF)
14:16:28.194612 sourceipaddress.1155 > ftp.badftpsite.com.au.ftp: S 1020502:1020502(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:16:28.194823 ftp.badftpsite.com.au.ftp > sourceipaddress.1155: S 1191526304:1191526304(0) ack 1020503 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:16:28.227119 sourceipaddress.1155 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:17:28.725582 sourceipaddress.1155 > ftp.badftpsite.com.au.ftp: R 1020503:1020503(0) win 0 (DF)
<CLOSE>
Here's the short version of the proftpd config file:
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "My FTP Server"
ServerType standalone
DefaultServer on
# Port 21 is the standard FTP port. (uncomment if you change to standalone)
Port 21
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
# MaxInstances 30
TimeoutIdle 900
TimeoutNoTransfer 1800
AuthPAMAuthoritative yes
# Set the user and group that the server normally runs at.
User nobody
Group nobody
<Global>
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 072
# Normally, we want files to be overwriteable.
AllowOverwrite on
</Global>
<VirtualHost ftp site 1>
</VirtualHost>
<VirtualHost ftp.badftpsite.com.au>
ServerName "badftpsite FTP Server"
User badftp
Group users
AuthAliasOnly on
UserAlias ftp badftp
UserAlias anonymous badftp
IdentLookups off
UseReverseDNS off
<Anonymous /home/badftp/public_ftp/ftp>
AnonRequirePassword off
RequireValidShell off
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
<VirtualHost ftp site 2>
</VirtualHost>
<VirtualHost ftp site 3>
</VirtualHost>
<VirtualHost ftp site 4>
</VirtualHost>
<VirtualHost ftp site 5>
</VirtualHost>
-- CaT (cat@zip.com.au) URL: http://www.zip.com.au/dev/null'He had position, but I was determined to score.' -- Worf, DS9, Season 5: 'Let He Who Is Without Sin...'
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jan 31 2000 - 21:00:20 EST