LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-21-2009, 02:36 PM   #1
djg09
LQ Newbie
 
Registered: Apr 2009
Posts: 1

Rep: Reputation: 0
Post vsFTPd 426 message driving me crazy


Background: Users will connect to and transfer files between our vsFTPd (ver. 2.0.5). They report their FTP clients will stall on random binary files greater than 300KB; not all of them though.

The configuration file look is as follows:

-----------------
ssl_enable=YES
allow_anon_ssl=NO

force_local_data_ssl=NO
force_local_logins_ssl=NO
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO

rsa_cert_file=/etc/vsftpd/vsftpd.pem

listen=YES

listen_port=21
pasv_min_port=62222
pasv_max_port=62322

anonymous_enable=NO
local_enable=YES
guest_enable=YES
guest_username=virtual

write_enable=YES
local_umask=022
virtual_use_local_privs=YES
chroot_local_user=YES

user_config_dir=/etc/vsftpd/users

dirmessage_enable=YES
hide_ids=YES
connect_from_port_20=YES

pam_service_name=vsftpd-virtual

xferlog_enable=YES
log_ftp_protocol=YES
setproctitle_enable=YES

use_sendfile=NO
------------------

The Firewall (IPtables) rules set is as follows:
------------------
[dgardner@kcdlftp ~]$ sudo /sbin/iptables -L
Password:
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 65.58.243.104 anywhere
DROP all -- 208.81.162.159 anywhere
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftps
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dptersonal-agent
ACCEPT tcp -- anywhere anywhere state NEW tcp dpts:62222:62322
ACCEPT udp -- anywhere anywhere state NEW udp dptersonal-agent
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

------------------

The following is an example of a failure in the log file (usernames and IPs altered to prtect true identity):
------------------
Tue Apr 21 15:28:19 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "230 Login successful."
Tue Apr 21 15:28:19 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "SYST"
Tue Apr 21 15:28:19 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "215 UNIX Type: L8"
Tue Apr 21 15:28:19 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PWD"
Tue Apr 21 15:28:19 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "257 "/""
Tue Apr 21 15:28:20 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PASV"
Tue Apr 21 15:28:20 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "227 Entering Passive Mode (190,146,4,5,243,25)"
Tue Apr 21 15:28:20 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "LIST"
Tue Apr 21 15:28:20 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "150 Here comes the directory listing."
Tue Apr 21 15:28:20 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "226 Directory send OK."
Tue Apr 21 15:28:32 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "CWD /Unit_01"
Tue Apr 21 15:28:32 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "250 Directory successfully changed."
Tue Apr 21 15:28:32 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PASV"
Tue Apr 21 15:28:32 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "227 Entering Passive Mode (190,146,4,5,243,82)"
Tue Apr 21 15:28:32 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "LIST"
Tue Apr 21 15:28:32 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "150 Here comes the directory listing."
Tue Apr 21 15:28:32 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "226 Directory send OK."
Tue Apr 21 15:28:33 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "CWD /Unit_01/flash/"
Tue Apr 21 15:28:33 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "250 Directory successfully changed."
Tue Apr 21 15:28:33 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PASV"
Tue Apr 21 15:28:33 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "227 Entering Passive Mode (190,146,4,5,243,57)"
Tue Apr 21 15:28:33 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "LIST"
Tue Apr 21 15:28:34 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "150 Here comes the directory listing."
Tue Apr 21 15:28:34 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "226 Directory send OK."
Tue Apr 21 15:28:36 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "CWD /Unit_01/flash/Geo_landscape/"
Tue Apr 21 15:28:36 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "250 Directory successfully changed."
Tue Apr 21 15:28:36 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PASV"
Tue Apr 21 15:28:36 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "227 Entering Passive Mode (190,146,4,5,243,84)"
Tue Apr 21 15:28:36 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "LIST"
Tue Apr 21 15:28:36 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "150 Here comes the directory listing."
Tue Apr 21 15:28:36 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "226 Directory send OK."
Tue Apr 21 15:28:40 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "TYPE I"
Tue Apr 21 15:28:40 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "200 Switching to Binary mode."
Tue Apr 21 15:28:40 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PASV"
Tue Apr 21 15:28:40 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "227 Entering Passive Mode (190,146,4,5,243,52)"
Tue Apr 21 15:28:40 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "RETR Geo_1.1.6landscape.swf"
Tue Apr 21 15:28:40 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "150 Opening BINARY mode data connection for Geo_1.1.6landscape.swf (660963 bytes)."
Tue Apr 21 15:28:47 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "426 Failure writing network stream."
Tue Apr 21 15:28:47 2009 [pid 2303] [jsmith] FAIL DOWNLOAD: Client "172.30.49.50", "/Unit_01/flash/Geo_landscape/Geo_1.1.6landscape.swf", 0.00Kbyte/sec
Tue Apr 21 15:28:49 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PWD"
Tue Apr 21 15:28:49 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "257 "/Unit_01/flash/Geo_landscape""
Tue Apr 21 15:28:49 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "MDTM Geo_1.1.6landscape.fla"
Tue Apr 21 15:28:49 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "213 20090420181129"
Tue Apr 21 15:28:50 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "TYPE I"
Tue Apr 21 15:28:50 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "200 Switching to Binary mode."
Tue Apr 21 15:28:50 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PASV"
Tue Apr 21 15:28:50 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "227 Entering Passive Mode (190,146,4,5,243,61)"
Tue Apr 21 15:28:50 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "STOR Geo_1.1.6landscape.fla"
Tue Apr 21 15:28:50 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "150 Ok to send data."
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] OK UPLOAD: Client "172.30.49.50", "/Unit_01/flash/Geo_landscape/Geo_1.1.6landscape.fla", 203378 bytes, 35.32Kbyte/sec
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "226 File receive OK."
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "MDTM Geo_1.1.6landscape.swf"
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "213 20090420181125"
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "TYPE I"
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "200 Switching to Binary mode."
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PASV"
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "227 Entering Passive Mode (190,146,4,5,243,89)"
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "PASV"
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "227 Entering Passive Mode (190,146,4,5,243,67)"
Tue Apr 21 15:28:56 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "LIST"
Tue Apr 21 15:29:56 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "425 Failed to establish connection."
Tue Apr 21 15:29:56 2009 [pid 2303] [jsmith] FTP command: Client "172.30.49.50", "CWD"
Tue Apr 21 15:29:56 2009 [pid 2303] [jsmith] FTP response: Client "172.30.49.50", "550 Failed to change directory."
------------------

As best I can tell, the firewall should be correctly configured to allow PASV FTP XFER always. The [purported] stalled files seem to make the trip intact. Is there anything I can do to resolve this issue, it's been driving me crazy for weeks now.
 
Old 05-03-2009, 06:28 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
There have been reported problems with CIFFS or FAT mounts and then the remedy would be to use "use_sendfile=NO". As you clearly already use that maybe upgrade to recent (vsftpd-2.1.0) and else file a bug report with Chris Evans (scarybeasts@gmail.com)?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Driving me crazy!!! fusion1275 Programming 3 10-15-2008 06:19 PM
Aaahhhggggg this message is driving me crazy!!!! aikidoist72 Linux - Networking 4 06-23-2006 02:52 PM
vsftpd +SSL trouble (driving me crazy) Ratclaws Linux - Software 3 02-08-2006 02:42 PM
[ ] @ are driving me crazy FireInTheDark Linux - Software 1 11-28-2004 10:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:49 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration