weird tcp problems with ftp. please help. :/

CaT cat en zip.com.au
Vie Ene 28 02:25:15 CST 2000


I'm having weirdo ftp problems with an ftp server. Whenever the
client tries connecting tot he server there's a MASSIVE freeze
and the connection either times out or then presents a login
prompt. Needless to say this is annoying :) but I cannot find
what the problem is and it's gotten to the stage where it's a bit
above my head.

Below I'll include the tcp dumps I've gotten of his connection
and the relevant section of the proftpd conf. If you need more
info please holler and I'll jump right on it.

Unfortunately I cannot reveal the IPs involved. BLEH.

# cat tcp_sack
1
# cat tcp_timestamps
1

(note that last time I tried this with 0 values in both it still
happened)

# tcpdump -i eth0 host ftp.badftpsite.com.au

14:05:46.004462 sourceipaddress.1040 > ftp.badftpsite.com.au.ftp: S 378189:378189(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:05:46.004506 ftp.badftpsite.com.au.ftp > sourceipaddress.1040: S 507311949:507311949(0) ack 378190 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:05:46.037936 sourceipaddress.1040 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:06:46.537071 sourceipaddress.1040 > ftp.badftpsite.com.au.ftp: R 378190:378190(0) win 0 (DF)
<CLOSED>

14:07:09.053138 sourceipaddress.1042 > ftp.badftpsite.com.au.ftp: S 461253:461253(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:07:09.053183 ftp.badftpsite.com.au.ftp > sourceipaddress.1042: S 601986123:601986123(0) ack 461254 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:07:09.085320 sourceipaddress.1042 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:08:09.581277 sourceipaddress.1042 > ftp.badftpsite.com.au.ftp: R 461254:461254(0) win 0 (DF)
<CLOSED>

14:11:14.362430 sourceipaddress.1078 > ftp.badftpsite.com.au.ftp: S 706609:706609(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:11:14.362473 ftp.badftpsite.com.au.ftp > sourceipaddress.1078: S 848884529:848884529(0) ack 706610 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:11:14.393146 sourceipaddress.1078 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
14:11:14.416418 ftp.badftpsite.com.au.ftp > sourceipaddress.1078: P 1:74(73) ack 1 win 32120 (DF)
14:11:14.631087 sourceipaddress.1078 > ftp.badftpsite.com.au.ftp: . ack 74 win 8687 (DF)
<GAVE PROMPT>

14:11:31.503330 sourceipaddress.1100 > ftp.badftpsite.com.au.ftp: S 723752:723752(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:11:31.503383 ftp.badftpsite.com.au.ftp > sourceipaddress.1100: S 884483973:884483973(0) ack 723753 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:11:31.542779 sourceipaddress.1100 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:12:32.121054 sourceipaddress.1100 > ftp.badftpsite.com.au.ftp: R 723753:723753(0) win 0 (DF)
<CLOSE>

14:12:43.497488 sourceipaddress.1145 > ftp.badftpsite.com.au.ftp: S 795762:795762(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:12:43.497535 ftp.badftpsite.com.au.ftp > sourceipaddress.1145: S 953020364:953020364(0) ack 795763 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:12:43.529914 sourceipaddress.1145 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:13:44.029238 sourceipaddress.1145 > ftp.badftpsite.com.au.ftp: R 795763:795763(0) win 0 (DF)
<CLOSE>

14:16:26.343383 sourceipaddress.1153 > ftp.badftpsite.com.au.ftp: R 984220:984220(0) win 0 (DF)
14:16:28.194612 sourceipaddress.1155 > ftp.badftpsite.com.au.ftp: S 1020502:1020502(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
14:16:28.194823 ftp.badftpsite.com.au.ftp > sourceipaddress.1155: S 1191526304:1191526304(0) ack 1020503 win 32120 <mss 1460,nop,nop,sackOK> (DF)
14:16:28.227119 sourceipaddress.1155 > ftp.badftpsite.com.au.ftp: . ack 1 win 8760 (DF)
<FREEZE>
14:17:28.725582 sourceipaddress.1155 > ftp.badftpsite.com.au.ftp: R 1020503:1020503(0) win 0 (DF)
<CLOSE>

Here's the short version of the proftpd config file:

# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                      "My FTP Server"
ServerType                      standalone

DefaultServer                   on

# Port 21 is the standard FTP port. (uncomment if you change to standalone)
Port                            21

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
# MaxInstances                  30

TimeoutIdle                     900
TimeoutNoTransfer               1800

AuthPAMAuthoritative            yes

# Set the user and group that the server normally runs at.
User                            nobody
Group                           nobody

<Global>
        # Umask 022 is a good standard umask to prevent new dirs and files
        # from being group and world writable.
        Umask                   072

        # Normally, we want files to be overwriteable.
        AllowOverwrite          on
</Global>

<VirtualHost ftp site 1>
</VirtualHost>

<VirtualHost ftp.badftpsite.com.au>
        ServerName              "badftpsite FTP Server"
        User                    badftp
        Group                   users
        AuthAliasOnly           on
        UserAlias               ftp             badftp
        UserAlias               anonymous       badftp
        IdentLookups            off
        UseReverseDNS           off
        <Anonymous /home/badftp/public_ftp/ftp>
                AnonRequirePassword     off
                RequireValidShell       off
                <Directory *>
                        <Limit WRITE>
                                DenyAll
                        </Limit>
                </Directory>
        </Anonymous>
</VirtualHost>

<VirtualHost ftp site 2>
</VirtualHost>

<VirtualHost ftp site 3>
</VirtualHost>

<VirtualHost ftp site 4>
</VirtualHost>

<VirtualHost ftp site 5>
</VirtualHost>

-- 
CaT (cat en zip.com.au)                       URL: http://www.zip.com.au/dev/null

	'He had position, but I was determined to score.'
		-- Worf, DS9, Season 5: 'Let He Who Is Without Sin...'

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



Más información sobre la lista de distribución Ayuda