Thread: ioFTPD v7.5.9 Released (Beta)
View Single Post
Old 08-11-2010, 08:57 AM  
opcode
Junior Member
 
Join Date: Aug 2009
Posts: 21
Default
Quote:
opcode: You can always use "site ioversion" to get the current FTP server version. Also, be careful with your "site who" alias. The command info displayed by site who is designed to be viewed by normal users and thus doesn't display any command arguments so they'll just see things like "PORT", "site stats", etc. This prevents normal users from seeing the entire "site adduser" line which could be a bad thing... "Site swho" (and "site swho <cid>") are SiteOp functions and don't scrub anything but the PASS command so best keep that for your usage...
Yeah i have "swho" set to 1A and "who" actually commented out in the [FTP_SITE_Permissions] section, so i guess noone should be able to use them besides me.

Quote:
It sounds like you might have a couple of configuration problems though... I don't remember seeing the exact error you mentioned with failed transfers (could you double check the error message?) but one common problem is having a very small PASV port range and/or using a single fixed outgoing port. This is particularly apparent when 2 such servers try to FXP to each other.
This is actually true, i only have "Ports = 23,24,443,80" in the .ini This used to be the old BBB.se trick (e.g. BBB.se had a cap on all outbound connections besides those on these ports, so it was the only way to dl something from these boxes with more then 5k/s. Not sure if it's still true these days though). But still, if i only have two transfers running, shouldn't it be able to use one of the other two ports if one of the transfers fails and needs to reset (i guess it can't immediately use the same port due to some technical circumstances)? Is the port for an upcomming connection selected randomly or does the ftpd know which ports are currently in use/free ?

Quote:
Using any local port prevents PORT commands from having a destIP/srcIP/DestPort/SrcPort tuple collision too often which is not allowed by TCP. To solve the reverse problem where the other server is configured to use only 1 outgoing port you'll need a PASV port range that is large enough that you can allocate 1 port per file/listing used in a 30 second window. 30 seconds is the default/min TCP TIME_WAIT setting for windows. Try increasing the "Ports" range setting to see if that makes a difference. Remember to forward/allow the extra ports as well!
I have "Out_Ports = 0", i don't think it's the other servers, because i assume these are rather default glftpd installations which usually don't severely limit the number of ports being used.

Quote:
Regarding the ident lookup issue. Try adjusting the 'Ident_Timeout' setting in the .ini file. If you have a slow/lagged line the round trip query might be taking longer than you think and because the failure is cached for a while it will fail if you retry immediately. You can also try setting the cache time lower. Also, try enabling the 'Show_HostMask_Error' feature in the .ini file as well. As of v7.0 it will display 'Your user ident response did not match' instead of 'Your IP/hostname is not authorized' if just the ident is incorrect. That change resulted in a lot fewer hostmask update requests as people could see what was going on...
I will try that. Weird that it only fails right after i start ioFTPD and never again once it works for the first time. I know that it's indeed just the ident failing because i see *@added.ip in the logfiles instead of ident@added.ip

Quote:
NOTE: There are a number of 3rd party DLL's which are poorly written, or have issues with the way ioFTPD uses winsock. The most annoying one is nVidia's Firewall that was distributed with lots of BIOS/install disks by OEMs. Older versions of NetLimiter also had issues. Comodo's defense+ component breaks some debugging stuff and possibly could be responsible for runtime errors as well. NVidia and NetLimiter exhibit behavior similar to what you reported: reasonably light load but would die every few hours... You can see what dll's are in use by downloading the free Microsoft Process Explorer which is much nicer than Task Manager. Check to see what 3rd party modules are in use by ioFTPD as this sounds like a really likely source of your problem.
Will do that aswell :-)
opcode is offline   Reply With Quote