1

I am using ubuntu 14.04 and vsftpd version 3.0.2 and my problem is related to uploading files via FTP. The service has worked great for the past two years and I was able to upload thousands of files with 0 errors. However recently, I can't do that anymore, if I try to upload let's say 1000 files, it will do the first ~300 files ok but then it will start to fail until gradually all upload slots are blocked retrying on these failed files 2 times, waiting for the timeout, and in the end I am left with a bunch of failed transfers.

I am using Filezilla 3.33 on Windows as a client. This is what it looks like in Filezilla when it initially fails:

Status: Starting upload of C:\wamp64\www\system\themes\widget\html.php
Status: Retrieving directory listing of "/web/domain.com/public_html/system/themes/widget"...
Command:    PASV
Response:   227 Entering Passive Mode (10,10,20,10,50,217).
Command:    STOR icon_box.php
Response:   150 Ok to send data.
Error:  Connection timed out after 10 seconds of inactivity
Error:  File transfer failed

vsftp.log looks like this for the failed transfers:

Sat Jun  2 10:17:00 2018 [pid 29163] [admin] FAIL UPLOAD: Client "ip", "/web/domain.com/public_html/system/themes/widget/html.php", 853 bytes, 0.00Kbyte/sec

Then after some retries Filezilla shows these errors:

Response:   421 There are too many connections from your internet address.
Error:  Could not connect to server
Status: Disconnected from server
Status: Delaying connection for 5 seconds due to previously failed connection attempt...
Response:   421 There are too many connections from your internet address.
Error:  Could not connect to server
Response:   421 There are too many connections from your internet address.
Error:  Could not connect to server

after all of these retries vsftp.log looks like this now:

Sat Jun  2 11:20:19 2018 [pid 3616] CONNECT: Client "ip", "Connection refused: too many sessions for this address."
Sat Jun  2 11:20:24 2018 [pid 3622] CONNECT: Client "ip", "Connection refused: too many sessions for this address."
Sat Jun  2 11:20:24 2018 [pid 3632] CONNECT: Client "ip", "Connection refused: too many sessions for this address."

This is how my /etc/vsftpd.conf looks:

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=002
anon_upload_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
dual_log_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=NO
tcp_wrappers=YES
force_dot_files=YES
ascii_upload_enable=YES
ascii_download_enable=YES
#allow_writable_chroot=YES
allow_writeable_chroot=YES
seccomp_sandbox=NO
pasv_enable=YES
pasv_max_port=14000
pasv_min_port=12000

netstat -napt | grep client_ip

tcp        0      0 server_ip:21        client_ip:54986    TIME_WAIT   -
tcp        1      0 server_ip:21        client_ip:54648    CLOSE_WAIT  4632/vsftpd
tcp        0      0 server_ip:12533     client_ip:54757    ESTABLISHED 4702/vsftpd
tcp        1      0 server_ip:21        client_ip:54730    CLOSE_WAIT  4698/vsftpd
tcp        0      0 server_ip:12342     client_ip:54900    ESTABLISHED 4700/vsftpd
tcp        0      0 server_ip:12113     client_ip:54854    TIME_WAIT   -
tcp        0      0 server_ip:21        client_ip:54994    TIME_WAIT   -
tcp        0      0 server_ip:13151     client_ip:54852    TIME_WAIT   -
tcp     2122      0 server_ip:13772     client_ip:54690    CLOSE_WAIT  -
tcp        0      0 server_ip:22        client_ip:54382    ESTABLISHED 4294/0
tcp     6001      0 server_ip:12738     client_ip:54679    CLOSE_WAIT  -
tcp     2122      0 server_ip:13316     client_ip:54658    CLOSE_WAIT  -
tcp        0      0 server_ip:12107     client_ip:54846    ESTABLISHED

this goes on for about 180 lines in total, while the whole situation is at that point where Filezilla says Response: 421 There are too many connections from your internet address.

Florin C.
  • 11
  • 1
  • 3

2 Answers2

1

You should confirm the running method first. use chkconfig -A|grep vsftpd, if it's not valid, you should check configuration vi /etc/xinetd.d/vsftpd, disable = no means xinetd method, disable = yes means standalone method.

If you are in standalone method, you can change max_per_ip in /etc/vsftpd.conf to extend sessions for one IP.

Stuggi
  • 3,506
  • 4
  • 19
  • 36
Smile
  • 11
  • 1
1

According to the source, it is related to prelogin. The default value seems to be 50; since you didn't change it in your config file.

So my guess would be your FTP client: I seem to racall that you can specify an upper bound to filezilla's connection pool. Did you change anything? Have a look there for filezilla's configuration.

aif
  • 381
  • 1
  • 8
  • I have Filezilla configured for 10 max connections, 10. However I don't think this is the problem because: 1. it has worked with that value before, 2. I have tested with 5 max connections and I get the same results 3. since the default would be 50 in vsftpd it doesn't reach that with 10 max connections unless there is something else wrong that would cause these connections to fail upload and remain open somehow . – Florin C. Jun 02 '18 at 10:29
  • How about `netstat -napt | grep client_ip`? – aif Jun 02 '18 at 11:02
  • I have added a truncated result of that in my original question, the list goes on for about 180 lines in total. – Florin C. Jun 02 '18 at 11:11