3

I am currently struggling with some kind of connection problem with vsftpd.

I am using Arch Linux and have vsftpd version 3.0.3 installed.

I don't use iptables or anything. When I connect to my FTP server, I am successfully able to log in and browse directories. I am also able to up- and download files.

The FTP user is chrooted into his home directory, and all subdirectories are owned by the ftp user.

The current structure:

|- home_dir |- dir1 |- dir2 |- dir3 |- dir3 |- dir4 |- ... 

I am able to "cd" into dir1, do a "ls" and up / download files. I am also able to "cd" into dir2, but here comes the tricky part:

I can perfectly upload files into dir2, but when I do a "ls", the server closes the connection saying: "421 Service not available, remote server has closed connection". I figured out that the cause is several of the subdirectories of "dir2". I figured out that the existence of 8 of all subdirectories is causing the connection to be closed. Once I remove them, the listing works fine. All names contain lowercase letters from a to z, no special chars.

My ftp config:

    log_ftp_protocol=YES
    anonymous_enable=NO
    userlist_enable=YES
    userlist_file=/etc/vsftpd.user_list
    userlist_deny=NO
    pasv_addr_resolve=YES
    pasv_address=mydomain.com
    pasv_enable=Yes
    pasv_min_port=40020
    pasv_max_port=40030
    local_enable=YES
    write_enable=YES
    local_umask=002
    dirmessage_enable=YES
    xferlog_enable=YES
    connect_from_port_20=YES
    chown_uploads=YES
    chown_username=myuser
    ftpd_banner=Welcome.
    chroot_local_user=YES

And that's what the server's FTP log says:

    Wed Dec 28 13:55:06 2016 [pid 2] CONNECT: Client "<client_ip>"
    Wed Dec 28 13:55:06 2016 [pid 2] FTP response: Client "<client_ip>", "220 Welcome."
    Wed Dec 28 13:55:07 2016 [pid 2] FTP command: Client "<client_ip>", "USER myuser"
    Wed Dec 28 13:55:07 2016 [pid 2] [myuser] FTP response: Client "<client_ip>", "331 Please specify the password."
    Wed Dec 28 13:55:07 2016 [pid 2] [myuser] FTP command: Client "<client_ip>", "PASS <password>"
    Wed Dec 28 13:55:07 2016 [pid 1] [myuser] OK LOGIN: Client "<client_ip>"
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "230 Login successful."
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "OPTS UTF8 ON"
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "200 Always in UTF8 mode."
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "PWD"
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "257 "/" is the current directory"
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "TYPE I"
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "200 Switching to Binary mode."
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "PASV"
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "227 Entering Passive Mode (<server_ip>,156,86)."
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "LIST"
    Wed Dec 28 13:55:07 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "150 Here comes the directory listing."
    Wed Dec 28 13:55:08 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "226 Directory send OK."
    Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "CWD /dir1"
    Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "250 Directory successfully changed."
    Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "PASV"
    Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "227 Entering Passive Mode (<server_ip>,156,92)."
    Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "LIST"
    Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "150 Here comes the directory listing."
    Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "226 Directory send OK."
    Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "CWD /dir1/dir2"
    Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "250 Directory successfully changed."
    Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "PASV"
    Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "227 Entering Passive Mode (<server_ip>,156,87)."
    Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP command: Client "<client_ip>", "LIST"
    Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP response: Client "<client_ip>", "150 Here comes the directory listing."

The log always stops after "150 Here comes the directory listing.". I tried it several times.

And this is what I see when I use the ftp command in my terminal:

    $ ftp -n 127.0.0.1
    Connected to 127.0.0.1.
    220 Welcome.
    ftp> user myuser
    331 Please specify the password.
    Password:
    230 Login successful.
    ftp> ls
    200 PORT command successful. Consider using PASV.
    150 Here comes the directory listing.
    drwxr-xr-x 4 1000 1000 4096 Dec 28 13:27 dir1
    226 Directory send OK.
    ftp> cd dir1
    250 Directory successfully changed.
    ftp> ls
    200 PORT command successful. Consider using PASV.
    150 Here comes the directory listing.
    -rwxr-xr-x 1 1000 1000 469504 Dec 23 03:03 file_1
    -rw-r--r-- 1 1000 1000 186 Feb 19 2016 file_2
    -rw-r--r-- 1 1000 1000 121856 Dec 23 00:16 file_3
    -rw-r--r-- 1 1000 1000 118272 Feb 12 2016 file_4
    -rw-r--r-- 1 1000 1000 88232 Mar 22 2016 file_5
    -rw-r--r-- 1 1000 1000 64680 Mar 22 2016 file_6
    -rw-r--r-- 1 1000 1000 101032 Mar 22 2016 file_7
    -rw-r--r-- 1 1000 1000 6144 Mar 22 2016 file_8
    -rw-r--r-- 1 1000 1000 899584 Mar 22 2016 file_9
    drwxrwxr-x 42 1000 1000 4096 Dec 28 11:38 dir2
    226 Directory send OK.
    ftp> cd dir2
    250 Directory successfully changed.
    ftp> pwd
    257 "/dir1/dir2" is the current directory
    ftp> ls
    200 PORT command successful. Consider using PASV.
    150 Here comes the directory listing.
    421 Service not available, remote server has closed connection

Thanks a lot for help.
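The signature in the server log above, a listing command that gets "150 Here comes the directory listing." and then no further reply, can be searched for mechanically in a `log_ftp_protocol=YES` log. The following Python is an added example, not part of the original post; the function name `find_aborted_listings` and the sample lines (with a constructed client address) are assumptions modelled on the log format shown in the question.

```python
import posixpath
import re

# Layout of vsftpd's log_ftp_protocol=YES lines, as shown in the question.
LINE = re.compile(
    r'^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) \[pid (?P<pid>\d+)\] '
    r'(?:\[(?P<user>[^\]]+)\] )?FTP (?P<kind>command|response): '
    r'Client "(?P<client>[^"]*)", "(?P<msg>.*)"$')
LISTING = {"LIST", "NLST", "MLSD"}
# Constructed sample in the question's format; the client address is made up.
SAMPLE = '''\
Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP command: Client "203.0.113.7", "LIST"
Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP response: Client "203.0.113.7", "150 Here comes the directory listing."
Wed Dec 28 13:55:09 2016 [pid 3] [myuser] FTP response: Client "203.0.113.7", "226 Directory send OK."
Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP command: Client "203.0.113.7", "CWD /dir1/dir2"
Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP response: Client "203.0.113.7", "250 Directory successfully changed."
Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP command: Client "203.0.113.7", "LIST"
Wed Dec 28 13:55:11 2016 [pid 3] [myuser] FTP response: Client "203.0.113.7", "150 Here comes the directory listing."
'''

def find_aborted_listings(lines):
    """Return listings that got '150' but no closing reply (226 or an error)."""
    cwd, last_cmd, pending, findings = {}, {}, {}, []
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            continue  # CONNECT / OK LOGIN lines carry no FTP verb or reply
        key = (m["client"], m["pid"])  # pids repeat, so pair them with the client
        if m["kind"] == "command":
            if key in pending:  # next command without a reply: the listing died
                findings.append(pending.pop(key))
            verb, _, arg = m["msg"].partition(" ")
            last_cmd[key] = (verb.upper(), arg)
            if verb.upper() == "USER":
                cwd[key] = "/"  # a new login starts at the chroot root
            continue
        code, (verb, arg) = m["msg"][:3], last_cmd.get(key, ("", ""))
        if verb == "CWD" and code == "250":
            cwd[key] = posixpath.normpath(posixpath.join(cwd.get(key, "/"), arg))
        elif verb in LISTING and code == "150":
            pending[key] = {"time": m["ts"], "user": m["user"],
                            "client": m["client"], "dir": cwd.get(key, "/")}
        elif key in pending and code[:1] in ("2", "4", "5"):
            pending.pop(key)  # 226 (done) or 4xx/5xx (server reported the error)
    return findings + list(pending.values())

if __name__ == "__main__":
    for hit in find_aborted_listings(SAMPLE.splitlines()):
        print(f'{hit["time"]} {hit["user"]}@{hit["client"]}: listing of {hit["dir"]} never completed')
```

Run against the real log, each hit names the directory whose listing never finished, which is the one to inspect on the server.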

2
  • What's interesting is that your server logs show the PASV command being used (for passive data transfers), but your client log shows PORT being used (for active data transfers). What happens if, using the ftp(1) command-client, you explicitly tell it to use PASV using "passive" (or the -p command-line option, depending on your ftp(1) flavor)? Same behavior? Commented Dec 28, 2016 at 20:26
  • I have the same problem, even in empty directories Commented Oct 8, 2023 at 19:00

2 Answers

9

I fixed the issue I had with directory listings failing with more than 10ish files (as described by Chistian Mund) by adding this

    seccomp_sandbox=NO

to /etc/vsftpd.conf

Source: Arch Wiki

1

I had the exact same problem, also on Arch Linux with vsftp 3.0.3 (pkg rel 3). It turned out the directory causing this behaviour had too many files in it (2,666). After removing most of them, listing over ftp started working again.

Weird, huh? 2,666 doesn't seem like too many. But I've really changed nothing else. vsftp settings are still the same and file system permissions are untouched. Also the file names didn't contain any strange characters (sequential numbers with a length of up to 21 chars).
