vsftpd stopped working: LIST gives 500 Unknown command

sethb · 06-21-2006, 03:09 AM

Up to about 24 hours ago, it worked fine (I downloaded a few hundred gig from my server in the last few weeks). Then it stopped.

Now, connecting to it and changing directory works, but the LIST command returns "500 Unknown command".

I'm running vsftpd.i386 2.0.1-5.EL4.3

I don't think anything got changed when it stopped working, but obviously something did.

Permissions on the directory changed to are 775, the ones above are all 755. The directory changed to is owned by the user logging in to ftp. That directory contains further directories which are all 775. Everything is readable all the way down.

Nothing shows up in the log.

timmeke · 06-21-2006, 03:31 AM

Do you use a chroot jail? Is the "ls" program available? Is the disk almost full?

sethb · 06-21-2006, 11:29 AM

No jail (it's a private server). ls works fine, and the disk is half empty.

And it started working again. I hate nondeterminism I can't control.

timmeke · 06-22-2006, 02:15 AM

Maybe a problem with your FTP control (command) connection.
Please post back if it occurs again.

worldgnat · 06-22-2006, 04:24 PM

I used vsftpd for a website building camp last week. I got a bunch of "User cannot login" errors. Try restarting vsftpd. It took me a few hours of trouble shooting, and when I restarted vsftpd, it worked. I may have done something else, because after two hours of troubleshooting at 9 in the morning I was totally exhausted and really didn't care what I had done to fix it.

-Peter

shorun · 06-22-2006, 06:17 PM

i had this problem 2. check your vsftpd.conf for the following line:
passive_disabled=yes

it gave the same error, and denied some users and some not.
the users denied used a client that MUST have passive connections.
but the server refuses that.

maybe this helps

sethb · 06-24-2006, 04:23 PM

There's nothing in vsftpd.conf about passive. (In fact, iptables won't allow it, until I figure out how to handle it automatically.)

If the problem should recur, any advice on what to look for/log to help figure it out?

timmeke · 06-26-2006, 02:13 AM

Passive FTP requires a connection on a port > 1024.
Your firewall (iptables) will indeed need to allow this.
However, if you don't want to open all ports > 1024 (which is a serious security hazard),
you can limit the port numbers vsftpd uses to a certain range.
Check out the pasv_min_port and pasv_max_port options (man vsftpd.conf).
If you set these options, you only need to open the given range of ports in iptables.

Solaris11 · 10-27-2010, 10:00 PM

I followed the steps outlined here, and it worked for me:
serverfault.com/questions/194190/setting-up-vsftpd-hangs-on-list-command

Basically, I entered in the command:
modprobe nf_conntrack_ftp

Hangdog42 · 10-28-2010, 06:58 AM

Please don't resurrect long-dead threads. This one is over 4 years old.