HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   Im thinking about throwing proftpd to the trashcan (http://www.howtoforge.com/forums/showthread.php?t=1792)

danf.1979 23rd December 2005 00:08

Im thinking about throwing proftpd to the trashcan
 
Im thinking about throwing proftpd to the trashcan.
I have Ubuntu breezy and proftpd version 1.2.10-22. Symptoms are like follows: after some time my pc has been online I suddenly get an "Offline" status in ISPConfig "Services" tab for proftpd. At this exact time, navigating through the "Administration" menu, submenu "Server" is extremely slow, but I get normal speed navigating through other parts of ISPConfig. If I want to check "Settings", "Status" or "Services" in the "Server" submenu, I'll have to whait some time for the page to load. At this time, If I have not seen the "Offline" status for proftpd, I already know it is dead, just for experience. Everytime is the same story.

When everything is correct (proftpd online) I check running processes at "System Monitor" (breezy top-gui-like program) and I see the following:
Code:

proftpd: (accepting conections) State: Sleeping
I also can go and browse /var/run/proftpd containing two files: proftpd.delay, proftpd.scoreboard.
If i do a syntax check everything seems ok.
Code:

dan@alcon:~$ sudo proftpd -td5
Password:
Checking syntax of configuration file
 - mod_tls/2.0.7: using OpenSSL 0.9.7g 11 Apr 2005
 - parsing '/etc/proftpd.conf' configuration
 - Compiling deny regex '\*.*/'.
 - Allocated deny regex at location 0x814dd20.
 - parsing '/etc/proftpd_ispconfig.conf' configuration
 - <Directory *>: adding section for resolved path '*'
 - <Directory /var/www/web8/ftp/incoming>: adding section for resolved path '/var/www/web8/ftp/incoming'
localhost.localdomain -
localhost.localdomain - Config for Debian:
localhost.localdomain - DeferWelcome
localhost.localdomain - DefaultServer
localhost.localdomain - ShowSymlinks
localhost.localdomain - TimeoutNoTransfer
localhost.localdomain - TimeoutStalled
localhost.localdomain - TimeoutIdle
localhost.localdomain - DisplayLogin
localhost.localdomain - DisplayFirstChdir
localhost.localdomain - ListOptions
localhost.localdomain - DenyFilter
localhost.localdomain - UserID
localhost.localdomain - UserName
localhost.localdomain - GroupID
localhost.localdomain - GroupName
localhost.localdomain - Umask
localhost.localdomain - DirUmask
localhost.localdomain - AllowOverwrite
localhost.localdomain - DefaultRoot
localhost.localdomain -
localhost.localdomain - Config for Debian:
localhost.localdomain - /var/www/web8/ftp/
localhost.localdomain -  Limit
localhost.localdomain -  DenyAll
localhost.localdomain -  /var/www/web8/ftp/incoming
localhost.localdomain -  Limit
localhost.localdomain -    DenyAll
localhost.localdomain -  Limit
localhost.localdomain -    AllowAll
localhost.localdomain -  Umask
localhost.localdomain -  MaxClients
localhost.localdomain -  AllowOverwrite
localhost.localdomain -  UserName
localhost.localdomain -  GroupName
localhost.localdomain -  UserAlias
localhost.localdomain -  UserAlias
localhost.localdomain -  MaxClients
localhost.localdomain -  AllowOverwrite
localhost.localdomain -  Umask
localhost.localdomain - DefaultRoot
localhost.localdomain - AllowOverwrite
localhost.localdomain - Umask
Syntax check complete.
dan@alcon:~$


When the server gets offline, in System Monitor i see:
Code:

proftpd: (accepting conections) State: Uninterruptable
/ect/init.d/proftpd start

If I go to /var/run/proftpd/, I can't see a thing. Mouse Icon keeps telling me to whait, and nothing ever gets load on *that* directory only (havent check with "ls", I'll do that). Also System Monitor tells me there is a load of 100% CPU, but no process has a high load (strange). Top tells me CPU load is at 10-13% (not 100%), but anyway the system feels slower.
I can't kill neither proftpd, nor /etc/init.d/proftpd start
Under this conditions, the syntax check with: sudo proftpd -td5, NEVER completes. If I close the terminal, the process become a zombie, but it is not terminated. The only way I can get proftpd online again is rebooting, and ofcourse this is not nice.

This is my /etc/proftpd.conf
Code:

#
# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

ServerName                        "Debian"
ServerType                        standalone
DeferWelcome                        off

MultilineRFC2228                on
DefaultServer                        on
ShowSymlinks                        on

TimeoutNoTransfer                600
TimeoutStalled                        600
TimeoutIdle                        1200

DisplayLogin                    welcome.msg
DisplayFirstChdir              .message
ListOptions                        "-l"

DenyFilter                        \*.*/

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd                off

# Uncomment this if you would use TLS module:
#TLSEngine                        on

# Uncomment this if you would use quota module:
#Quotas                                on

# Uncomment this if you would use ratio module:
#Ratios                                on

# Port 21 is the standard FTP port.
Port                                21

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                        30

# Set the user and group that the server normally runs at.
User                                nobody
Group                                nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask                                022  022
# Normally, we want files to be overwriteable.
AllowOverwrite                        on

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
#DelayEngine                        off

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
#  User                                ftp
#  Group                                nogroup
#  # We want clients to be able to login with "anonymous" as well as "ftp"
#  UserAlias                        anonymous ftp
#  # Cosmetic changes, all files belongs to ftp user
#  DirFakeUser        on ftp
#  DirFakeGroup on ftp
#
#  RequireValidShell                off
#
#  # Limit the maximum number of anonymous logins
#  MaxClients                        10
#
#  # We want 'welcome.msg' displayed at login, and '.message' displayed
#  # in each newly chdired directory.
#  DisplayLogin                        welcome.msg
#  DisplayFirstChdir                .message
#
#  # Limit WRITE everywhere in the anonymous chroot
#  <Directory *>
#    <Limit WRITE>
#      DenyAll
#    </Limit>
#  </Directory>
#
#  # Uncomment this if you're brave.
#  # <Directory incoming>
#  #  # Umask 022 is a good standard umask to prevent new files and dirs
#  #  # (second parm) from being group and world writable.
#  #  Umask                                022  022
#  #            <Limit READ WRITE>
#  #            DenyAll
#  #            </Limit>
#  #            <Limit STOR>
#  #            AllowAll
#  #            </Limit>
#  # </Directory>
#
# </Anonymous>

DefaultRoot ~

Include /etc/proftpd_ispconfig.conf

And my /etc/proftpd_ispconfig.conf
Code:

###################################
#
# ISPConfig proftpd Configuration File
#        Version 1.0
#
###################################
<VirtualHost 200.104.78.7>
        DefaultRoot            ~
        AllowOverwrite          on
        Umask                  002
</VirtualHost>

The syslog only has stuff like this:
Code:

Dec 21 12:00:02 localhost proftpd[3806]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Dec 21 12:00:02 localhost proftpd[3806]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session closed.
Dec 21 12:30:02 localhost proftpd[4936]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Dec 21 12:00:02 localhost proftpd[3806]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session closed.
.
.
Dec 21 00:56:47 localhost proftpd[10707]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - mod_delay/0.4: delaying for 14 usecs
Dec 21 00:56:47 localhost proftpd[10707]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - mod_delay/0.4: delaying for 55 usecs
.
.
Dec 22 19:57:11 localhost proftpd[10122]: localhost.localdomain - ProFTPD killed (signal 15)
Dec 22 19:57:11 localhost proftpd[10122]: localhost.localdomain - ProFTPD 1.2.10 standalone mode SHUTDOWN
Dec 22 19:57:11 localhost proftpd[10122]: localhost.localdomain - deleting existing scoreboard '/var/run/proftpd/proftpd.scoreboard'
Dec 22 19:57:13 localhost proftpd[11419]: localhost.localdomain - ProFTPD 1.2.10 (stable) (built do mrt 22 18:28:32 CET 2001) standalone mode STARTUP

And this could be of some importance, also in the syslog:
Code:

Dec 22 20:00:01 localhost proftpd[11595]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session requested from unknown class
.
.
Dec 21 13:11:40 localhost proftpd[6969]: localhost.localdomain - Fatal: unable to open incoming connection: Transport endpoint is not connected


Any clues? Is there any more info i could provide?

Tommie 23rd December 2005 03:45

maybe bad Interface
 
Hi

Please post your output of 'ifconfig' for your existing interfaces.

And ist the ftp really listen on the "right" interface ? Seems to be only
on your loopback. Try 'netstat -anp | grep :21' so see this.

Maybe could could try the Option "Defaultserver on" ist your proftpd.conf
Like this:

ServerName "YOURSERVERNAME"
Defaultserver on
ServerType standalone
...

Sometimes, wenn this option is missing, the daemon couldn't bind on
all/external interface. Your .conf seems to be ok, IMHO. After making
this change, you have to restart the daemon.

hth TOMmie

danf.1979 23rd December 2005 09:27

This is the netstat output:
Code:

dan@alcon:~$ netstat -anp | grep :21
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:21              0.0.0.0:*              LISTEN    -

Is this Ok?
DefaultServer option was already on
Code:

.
.
ServerName                        "Debian"
ServerType                        standalone
DeferWelcome                        off

MultilineRFC2228                on
DefaultServer                        on
.
.

Thanks for your reply.


All times are GMT +2. The time now is 18:05.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.