[BlueOnyx:09955] Re: FTP failure on BlueOnyx server
Domain Administrator
domains at wetsystems.com
Sat Mar 31 11:03:56 -05 2012
Following up to my earlier post...
It turns out this issue exists on BOTH of my similarly configured BlueOnyx servers, so the proftpd.conf file could be suspect.
On Mar 31, 2012, at 5:28 AM, Domain Administrator wrote:
> Hello gents –
>
> I have a BlueOnyx server (5106R, 2.20110817) on which FTP is failing to start. Active Monitor in the GUI shows "The FTP server is not running and could not be restarted...". Cycling the FTP service from the GUI has no effect, nor does starting, or restarting the proftpd daemon from the console. I've checked localhost DNS. The proftpd.conf file (attached below) is identical to that on a working server.
>
> Has anyone seen this? And does anyone have an idea where to look next?
>
> Thanks for any input.
> Bill Thackrey
>
>
> --------------------
> Installed software list:
> AV-SPAM 5.1.2 Solarspeed.net
> Automated Backup 2.0.1 Solarspeed.net
> BlueOnyx 2.20110817 Project BlueOnyx
> Clam-AV 0.97.3 Solarspeed.net
> Majordomo 1.4.1 Project BlueOnyx
> Mod PHP 5.2.17 Solarspeed.net
> RoundCube 0.40.1 Solarspeed.net
> phpMyadmin 3.1.3 Solarspeed.net
>
> Proftpd version proftpd.i386 0:1.3.3e-1BX2
> --------------------
> Diagnostics and the proftpd.conf file are pasted below.
> --------------------
> [root at tabua init.d]# ./proftpd restart
> Shutting down proftpd: [FAILED]
> Starting proftpd: [FAILED]
> --------------------
> [root at tabua init.d]# ./proftpd reload
> Re-reading proftpd configuration: [FAILED]
> --------------------
> [root at tabua proftpd]# tail -900 /var/log/messages|grep ftp
> Mar 31 00:30:06 tabua cced(smd)[20215]: client 0:[0:20209]: SET 15 . FTP lastChange = 1333179006 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 00:45:06 tabua cced(smd)[20710]: client 0:[0:20699]: SET 15 . FTP lastChange = 1333179906 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 01:00:05 tabua cced(smd)[21164]: client 0:[0:21155]: SET 15 . FTP lastChange = 1333180805 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 01:15:05 tabua cced(smd)[21750]: client 0:[0:21748]: SET 15 . FTP lastChange = 1333181705 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 01:30:06 tabua cced(smd)[22252]: client 0:[0:22245]: SET 15 . FTP lastChange = 1333182606 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 01:45:06 tabua cced(smd)[22892]: client 0:[0:22891]: SET 15 . FTP lastChange = 1333183506 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 02:00:05 tabua cced(smd)[23379]: client 0:[0:23375]: SET 15 . FTP lastChange = 1333184405 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 02:15:05 tabua cced(smd)[23926]: client 0:[0:23925]: SET 15 . FTP lastChange = 1333185305 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 02:30:06 tabua cced(smd)[24430]: client 0:[0:24428]: SET 15 . FTP lastChange = 1333186206 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 02:45:06 tabua cced(smd)[24926]: client 0:[0:24917]: SET 15 . FTP lastChange = 1333187106 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 03:00:06 tabua cced(smd)[25428]: client 0:[0:25421]: SET 15 . FTP lastChange = 1333188006 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 03:15:06 tabua cced(smd)[26009]: client 0:[0:26008]: SET 15 . FTP lastChange = 1333188906 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 03:30:05 tabua cced(smd)[26488]: client 0:[0:26487]: SET 15 . FTP lastChange = 1333189805 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 03:45:05 tabua cced(smd)[26967]: client 0:[0:26965]: SET 15 . FTP lastChange = 1333190705 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> Mar 31 04:00:06 tabua cced(smd)[27413]: client 0:[0:27412]: SET 15 . FTP lastChange = 1333191606 currentState = R currentMessage = "[[base-ftp.amNotResponding]]"
> --------------------
> [root at tabua proftpd]# cat ban.log
> Mar 30 21:57:57 mod_ban/0.5.5[13231]: obtained shmid 3276811 for BanTable '/var/log/proftpd/ban.tab'
> Mar 30 21:58:01 mod_ban/0.5.5[13241]: obtained shmid 3276811 for BanTable '/var/log/proftpd/ban.tab'
> Mar 30 21:58:56 mod_ban/0.5.5[13260]: obtained shmid 3276811 for BanTable '/var/log/proftpd/ban.tab'
> Mar 31 01:27:17 mod_ban/0.5.5[22183]: obtained shmid 3276811 for BanTable '/var/log/proftpd/ban.tab'
> Mar 31 01:27:20 mod_ban/0.5.5[22193]: obtained shmid 3276811 for BanTable '/var/log/proftpd/ban.tab'
> Mar 31 01:28:53 mod_ban/0.5.5[22214]: obtained shmid 3276811 for BanTable '/var/log/proftpd/ban.tab'
> Mar 31 01:29:15 mod_ban/0.5.5[22224]: obtained shmid 3276811 for BanTable '/var/log/proftpd/ban.tab''
> --------------------
> File ban.tab is empty
> --------------------
> [root at tabua proftpd]# cd /var/log/proftpd
> [root at tabua proftpd]# ls -la
> total 16
> drwxr-x--- 2 root root 4096 Mar 30 21:57 .
> drwxr-xr-x 10 root root 4096 Mar 31 04:30 ..
> -rw-r----- 1 root root 1010 Mar 31 04:44 ban.log
> -rw-r--r-- 1 root root 0 Mar 30 21:57 ban.tab
> --------------------
> [root at tabua proftpd]# nslookup localhost
> Server: 207.xxx.xxx.xxx
> Address: 207.xxx.xxx.xxx#53
>
> Name: localhost
> Address: 127.0.0.1
> --------------------
> [root at tabua etc]# cat proftpd.conf
> # This is the ProFTPD configuration file
> # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $
>
> ServerName "ProFTPD server"
> ServerIdent on "FTP Server ready."
> ServerAdmin root at localhost
> #ServerType standalone
> ServerType inetd
> DefaultServer on
> AccessGrantMsg "User %u logged in."
> #DisplayConnect /etc/ftpissue
> #DisplayLogin /etc/ftpmotd
> #DisplayGoAway /etc/ftpgoaway
> DeferWelcome off
> RequireValidShell off
>
> # Use this to excude users from the chroot
> DefaultRoot / wheel
> DefaultRoot / admin-users
> DefaultRoot ~/../../.. site-adm
> DefaultRoot ~ !site-adm
>
> # Use pam to authenticate (default) and be authoritative
> AuthPAMConfig proftpd
> AuthOrder mod_auth_pam.c* mod_auth_unix.c
>
> # Do not perform ident nor DNS lookups (hangs when the port is filtered)
> TimesGMT off
> IdentLookups off
>
> # begin global -- do not delete
> MaxClients 100000
> IdentLookups off
> UseReverseDNS off
> # end global -- do not delete
>
> # Port 21 is the standard FTP port.
> Port 21
>
> # Umask 022 is a good standard umask to prevent new dirs and files
> # from being group and world writable.
> Umask 022
>
> # Default to show dot files in directory listings
> ListOptions "-a"
>
> # See Configuration.html for these (here are the default values)
> #MultilineRFC2228 off
> #RootLogin off
> LoginPasswordPrompt on
> MaxLoginAttempts 3
> #MaxClientsPerHost none
> #AllowForeignAddress off # For FXP
>
> # Allow to resume not only the downloads but the uploads too
> AllowRetrieveRestart on
> AllowStoreRestart on
>
> # To prevent DoS attacks, set the maximum number of child processes
> # to 30. If you need to allow more than 30 concurrent connections
> # at once, simply increase this value. Note that this ONLY works
> # in standalone mode, in inetd mode you should use an inetd server
> # that allows you to limit maximum number of processes per service
> # (such as xinetd)
> MaxInstances 20
>
> # Set the user and group that the server normally runs at.
> User nobody
> Group nobody
>
> # Disable sendfile by default since it breaks displaying the download speeds in
> # ftptop and ftpwho
> UseSendfile no
>
> # This is where we want to put the pid file
> ScoreboardFile /var/run/proftpd.score
>
> # Normally, we want users to do a few things.
> <Global>
> AllowOverwrite yes
> <Limit ALL SITE_CHMOD>
> AllowAll
> </Limit>
> # Restrict the range of ports from which the server will select when sent the
> # PASV command from a client. Use IANA-registered ephemeral port range of
> # 49152-65534
> PassivePorts 49152 65534
> IdentLookups off
> </Global>
>
> # Define the log formats
> LogFormat default "%h %l %u %t \"%r\" %s %b"
> LogFormat auth "%v [%P] %h %t \"%r\" %s"
>
> # TLS
> <IfModule mod_tls.c>
> TLSEngine on
> TLSLog /var/log/proftpd/tls.log
> TLSRequired off
> TLSRSACertificateFile /etc/pki/dovecot/certs/dovecot.pem
> TLSRSACertificateKeyFile /etc/pki/dovecot/private/dovecot.pem
> TLSVerifyClient off
> TLSOptions NoCertRequest
> TLSRenegotiate required off
> </IfModule>
>
> # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
> #TLSEngine on
> #TLSRequired on
> #TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
> #TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
> #TLSCipherSuite ALL:!ADH:!DES
> #TLSOptions NoCertRequest
> #TLSVerifyClient off
> #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
> #TLSLog /var/log/proftpd/tls.log
>
> # SQL authentication Dynamic Shared Object (DSO) loading
> # See README.DSO and howto/DSO.html for more details.
> #<IfModule mod_dso.c>
> # LoadModule mod_sql.c
> # LoadModule mod_sql_mysql.c
> # LoadModule mod_sql_postgres.c
> #</IfModule>
>
> # A basic anonymous configuration, with an upload directory.
> #<Anonymous ~ftp>
> # User ftp
> # Group ftp
> # AccessGrantMsg "Anonymous login ok, restrictions apply."
> #
> # # We want clients to be able to login with "anonymous" as well as "ftp"
> # UserAlias anonymous ftp
> #
> # # Limit the maximum number of anonymous logins
> # MaxClients 10 "Sorry, max %m users -- try again later"
> #
> # # Put the user into /pub right after login
> # #DefaultChdir /pub
> #
> # # We want 'welcome.msg' displayed at login, '.message' displayed in
> # # each newly chdired directory and tell users to read README* files.
> # DisplayLogin /welcome.msg
> # DisplayFirstChdir .message
> # DisplayReadme README*
> #
> # # Some more cosmetic and not vital stuff
> # DirFakeUser on ftp
> # DirFakeGroup on ftp
> #
> # # Limit WRITE everywhere in the anonymous chroot
> # <Limit WRITE SITE_CHMOD>
> # DenyAll
> # </Limit>
> #
> # # An upload directory that allows storing files but not retrieving
> # # or creating directories.
> # <Directory uploads/*>
> # AllowOverwrite no
> # <Limit READ>
> # DenyAll
> # </Limit>
> #
> # <Limit STOR>
> # AllowAll
> # </Limit>
> # </Directory>
> #
> # # Don't write anonymous accesses to the system wtmp file (good idea!)
> # WtmpLog off
> #
> # # Logging for the anonymous transfers
> # ExtendedLog /var/log/proftpd/access.log WRITE,READ default
> # ExtendedLog /var/log/proftpd/auth.log AUTH auth
> #
> #</Anonymous>
>
> # mod_ban configuration:
> <IfModule mod_ban.c>
> BanEngine on
> BanLog /var/log/proftpd/ban.log
> BanTable /var/log/proftpd/ban.tab
>
> # If the same client reaches the MaxLoginAttempts limit 30 times
> # within 10 minutes, automatically add a ban for that client that
> # will expire after 30 minutes.
> BanOnEvent MaxLoginAttempts 30/00:10:00 00:30:00
>
> # Configure a rule to automatically ban scripts looking for anonymous
> # servers to which they can upload
> #BanOnEvent AnonRejectPasswords 1/01:00:00 01:00:00
>
> # Ban clients which connect too frequently. This rule bans clients
> # which connect more than 30 times within one minute. Include a special
> # message just for them and keep them out for one hour.
> BanOnEvent ClientConnectRate 30/00:01:00 01:00:00 "Stop connecting so frequently!"
>
> # Allow the FTP admin to manually add/remove bans
> BanControlsACLs all allow group wheel
> </IfModule>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list