[BlueOnyx:16369] Re: FTP knock on problems

[Michael Stauber]

Hi George,

> Since ProFTPd is running as an inetd function, it's not actually running
> until there's an access tried to inetd that starts it.

Actually the Active Monitor component that probes FTP does a "telnet
localhost 21" and checks if it gets a response that contains "Connected to".

Then it waits for the "220" line that comes next. And finally it sends a
"Quit" and waits to receive the expected "221" message from ProFTPd.

If it doesn't get the expected three responses, it'll restart xinetd and
try again. If that still fails, it'll mark the service FTP as "red".

So it actually probes FTP to see if FTP is up and responds to commands
with the expected responses.

See:
http://devel.blueonyx.it/trac/browser/BlueOnyx/5207R/ui/base-ftp.mod/src/base-ftp-am/am_ftp.exp

That file is the same for all BlueOnyx versions.

> I'm wondering if this might have something to do with there being
> 2 config files and sometimes monitor probes or startup connections
> get the 'wrong' flavor of ftpd.

That is actually spot on. I played the entire day with a new build of
ProFTPd to tackle the pending issues. The new config file
/etc/proftds.conf stupidly had two "Port" directives in it: One for port
21 and one in the TLS section for Port 990.

Removing the "port 21" line from /etc/proftpds.conf stops that the two
xinetd instances of FTP fight over possession of port 21. We've had this
issue since we actually activated TLS way back and running them off
different config files allows us to get past that nuisance. But during
the split config file setup I missed the chance to actually remove the
"port 21" setting from /etc/proftpds.conf

I just published the rebuild proftpd to the YUM repositories. It fixed
that and (hopefully) also a couple of other issues. I suspect it won't
be the final update, but it should work a bit better than the last one.

-- 
With best regards

Michael Stauber