verry verry slow directory listung with pure-ftpd

Discussion in 'Installation/Configuration' started by tom, Jun 27, 2009.

  1. tom

    tom Member

    The connection to pure-ftpd works. But hours later the content of the directorys are shown.

    I've tried several ftp clients but each client say hours "working ..."
    I'm using pure-ftpd --without-capabilities for virtuozzo

    Any idea why that is so slow?
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Most like ly a problem with name resolution. You should disable nameresolution in the pureftpd configuration. The Option is named "DontResolve".
  3. tom

    tom Member

    Where to set this option?

    I can't find pure-ftpd.conf to edit. Does /etc/default/pure-ftpd-common replace /etc/pure-ftpd/pure-ftpd.conf ?
    Where are the pure-ftpd start options been set like "-b -A -u 1000 -E -B"?

    My question arises by reading the pure-ftpd webseite
    Unlike many daemons, Pure-FTPd doesn't read any configuration file (but for
    LDAP and SQL). Instead, it uses command-line options. For instance, the '-H'
    flag is designed to speed up highly loaded servers, by avoiding DNS lookups.
    To enable this, just add it to the server name:
    /usr/local/sbin/pure-ftpd -H
    So I suppose "-H" does the same as "DontResolve"?
    Last edited: Jun 27, 2009
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Which Linux distribution?
  5. tom

    tom Member

    Debian Lenny
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Execeute these commands to turn off resolving:

    echo 'yes' > /etc/pure-ftpd/conf/DontResolve
    /etc/init.d/pure-ftpd-mysql restart
  7. tom

    tom Member

    Ok, pure-ftpd works with the -H option now.
    BUT still the directory listing ist verry slow. It seem to me it's only very slow if no files are in the directory which is chosen to list the content.
    Directories with content like web,tmp are fast in listing the files.

    By the way:I'm suppised about the differens
    h1:/etc/pure-ftpd/conf# ls -al
    insgesamt 48
    drwxr-xr-x 2 root root 4096 27. Jun 14:11 .
    drwxr-xr-x 5 root root 4096 27. Jun 13:35 ..
    -rw-r--r-- 1 root root   36  2. Nov 2008  AltLog
    -rw-r--r-- 1 root root    4 27. Jun 11:30 BrokenClientsCompatibility
    -rw-r--r-- 1 root root    4 27. Jun 11:30 ChrootEveryone
    -rw-r--r-- 1 root root    4 27. Jun 14:10 DontResolve
    -rw-r--r-- 1 root root    5  2. Nov 2008  MinUID
    -rw-r--r-- 1 root root   29 25. Jun 21:52 MySQLConfigFile
    -rw-r--r-- 1 root root    4  2. Nov 2008  NoAnonymous
    -rw-r--r-- 1 root root    4  2. Nov 2008  PAMAuthentication
    -rw-r--r-- 1 root root   28  2. Nov 2008  PureDB
    -rw-r--r-- 1 root root    3  2. Nov 2008  UnixAuthentication
    vi /var/lib/dpkg/info/pure-ftpd-common.conffiles
    Should it not be tell the same files?
    Last edited: Jun 27, 2009
  8. tom

    tom Member

    The reason for verry slow directory listing - actually is mean read "working ..." an waitin - is the firewall in together with passiv ftp. Passiv ftp is not possible if the ispconfig default firefall is enabled. Without the firewall passiv ftp is possible. I dont unterstand why, because the ports 21,20 are still oben with the active firewall.

    How to configure firewall to go with passiv ftp?
    Propably iptable should open port from 21-1024 but how to configure with ispconfig? 21-1024 or 21:1024 gives a configuration error.
    Last edited: Jul 2, 2009
  9. Mark_NL

    Mark_NL Member

    To get passive working properly, you need to do a few things:

    - Make up a range between 1025 and 65535 .. (f.e. 3000-4000)
    - Add that range to you firewall, so those ports are open (accepted)
    - Now open the pure-ftpd config file and look for a line that says "PassivePortRange", uncomment this line and change it to: PassivePortRange 3000 4000
    - restart pure-ftpd

    If the ISPConfig filewall script is giving you a hard time use:

    iptables -A INPUT -p tcp -m multiport --dports 3000:4000 -j ACCEPT

    p.s. i would never use port numbers < 1024 for your own usage, since most of them are reserved for other services, which COULD lead to other problems.

Share This Page