consider using max_clients in vsftpd default configuration
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
vsftpd (Ubuntu) |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: vsftpd
The default configuration file for vsftpd does not have any max_clients or max_per_ip limits. Earlier today my server hit the TCP/IP connection limit and had to be rebooted remotely when one user unintentionally spawned way too many FTP connections.
I'm not entirely sure that no limits are in place or even if the cause is as I've described, but I'll provide some idea of what went on at that time with a few logs.
vsftpd.log shows mostly connection attempts, the occasional GET and mostly the same line:
Fri Jun 4 17:52:03 2010 [pid 2] CONNECT: Client "99.239.180.252", "Connection refused: too many sessions for this address."
/var/log/messages and /var/log/kern.log show many page allocation errors, I'll attach a sample.
The following message also flooded the terminal: (copied from kern.log)
Jun 4 17:57:59 ubuntu kernel: [2837865.728645] INFO: task vsftpd:24138 blocked for more than 120 seconds.
The server was rebooted at 19:36 and a few minutes later, I noticed many (more than usual) vsftpd processes being spawned. I killed them and added the following lines to my vsftpd.conf:
max_clients=20
max_per_ip=10
and everything looks normal again-- although the user has disconnected.
I apologize if I haven't provided enough (or the right) information; please let me know and I'll attach any additional logs as necessary. Thanks.
Other:
Description: Ubuntu 10.04 LTS
Release: 10.04
vsftpd:
Installed: 2.2.2-3ubuntu6
Candidate: 2.2.2-3ubuntu6
Version table:
*** 2.2.2-3ubuntu6 0
500 http://
100 /var/lib/
Linux ubuntu 2.6.32-21-server #32-Ubuntu SMP Fri Apr 16 09:17:34 UTC 2010 x86_64 GNU/Linux
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: vsftpd 2.2.2-3ubuntu6
ProcVersionSign
Uname: Linux 2.6.32-21-server x86_64
Architecture: amd64
Date: Sat Jun 5 01:06:46 2010
ProcEnviron:
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: vsftpd
visibility: | private → public |
Changed in vsftpd (Ubuntu): | |
assignee: | Canonical Server Team (canonical-server) → nobody |
Ill revisit this in maverick.
chuck