firewall issues with simultaneous FTP transfer

08a4210

I cannot remember what I did with my firewall settings, but if I try to upload more than 2 or 3 files with FTP I get banned for a short time.

Please let me know what I did and how I can change that setting.
 
linux

It just gives me something like these few lines:

Code:
-A SPAMHAUS -s ************/******* -j DROP

Some numbers up there so what now?
 
Do you want to enable the limit or disable?
If disable, there's nothing in your firewall settings connected to the issue.
If enable, it's possible to limit the number of connections to your FTP from one IP, and to set a ban on overuse.
 
I have just installed something on my server, I do not remember which, that apparently does not allow more than 5 simultaneous FTP connections.
What I need is to find out what that is and how I can increase the number of FTP connections to, let's say, 10.
 
Please examine your ProFTPd config. This is an extract from ours:

Code:
# grep -i Max /etc/proftpd.conf
MaxInstances            50
MaxClients              200 "Sorry, the maximum number of allowed users are already connected (%m)"
MaxConnectionsPerHost   5   "Sorry, the maximum number of connections (%m) from your host are already connected."
MaxClientsPerHost       5   "Sorry, the maximum number of connections (%m) from your host are already connected."
MaxClientsPerUser       5   "Sorry, the maximum number of clients (%m) for this user already connected."
MaxLoginAttempts        1
 
Could not find proftpd.conf?
Run:

Code:
# updatedb
# locate proftpd.conf

mod_evasive is used with Apache, not ProFTPd.
If csf is configured and working, it will print something more than a few lines with spamhaus (when executing iptables -L -n or iptables-save).
 
Thanks. My /etc/proftpd.conf only has these contents and I cannot find what you say in there.

Code:
ServerName		"ProFTPd"
ServerType          	standalone

Port			21
PassivePorts		35000 35999
UseReverseDNS		off
TimesGMT		off
TimeoutLogin		120
TimeoutIdle		600
TimeoutNoTransfer	900
TimeoutStalled		3600

ScoreboardFile			/var/run/proftpd/proftpd.pid

TransferLog		/var/log/proftpd/xferlog.legacy
LogFormat		default "%h %l %u %t \"%r\" %s %b"
LogFormat		auth    "%v [%P] %h %t \"%r\" %s"
LogFormat		write   "%h %l %u %t \"%r\" %s %b"

#DON'T modify this log format.  Its used by DirectAdmin to determine user usage
LogFormat		userlog "%u %b %m"
ExtendedLog		/var/log/proftpd/231.149.14.120.bytes WRITE,READ userlog

AuthUserFile                    /etc/proftpd.passwd
DefaultServer		on

#AuthPAM off

<IfModule mod_tls.c>
	TLSEngine on
	TLSLog /var/log/proftpd/proftpd.tls.log
	TLSProtocol TLSv1
	TLSVerifyClient off
	TLSRequired off
	
	#Certificates
	TLSRSACertificateFile /etc/exim.cert
	TLSRSACertificateKeyFile /etc/exim.key
	#TLSCACertificateFile /etc/ftpd/root.cert.pem
</IfModule>

<Global>
	DeferWelcome		on

	RequireValidShell	no

	DefaultRoot		~
	DirFakeUser on ftp
	DirFakeGroup on ftp

	User			ftp
	Group			ftp
	#UserAlias		anonymous ftp

	AllowStoreRestart	on
	AllowRetrieveRestart	on

	ListOptions		-a

	Umask			022
	DisplayLogin		welcome.msg
	DisplayChdir		readme
	AllowOverwrite		yes
	IdentLookups		off
	ExtendedLog		/var/log/proftpd/access.log WRITE,READ write
	ExtendedLog		/var/log/proftpd/auth.log AUTH auth
	
	#
	# Paranoia logging level....
	#
	#ExtendedLog    /var/log/proftpd/paranoid.log ALL default

</Global>

Include /etc/proftpd.vhosts.conf
 
The lines I posted before were added manually. So in your case it is not ProFTPd built-in limits.

Are you sure that your limit is set on your server, not an FTP client or your internet router/gateway?

What about system logs, when the limits work? Is there any record that an IP was banned?
 
Yes, an IP gets banned for a few minutes.
No, it is not the FTP client or router.
Have to see the system logs when I get banned.
I have mod security too; can it cause the issue?
 
No, mod security can not do that.

Without examining logs (with ban information) it is hard to say anything more.
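
Added example, not part of the thread: one way to check a saved `iptables-save` dump for rules that could produce this kind of temporary FTP ban, and to see which chain (such as the SPAMHAUS one shown above) blocks a given client IP. The sample ruleset is constructed, the function names are hypothetical, and the connlimit/recent rules in it are only an assumption about what such a limit might look like; the thread never identified the actual cause.

```python
import ipaddress
import shlex

# Constructed sample in iptables-save format (documentation address ranges).
SAMPLE = """\
*filter
-A INPUT -j SPAMHAUS
-A INPUT -p tcp -m tcp --dport 21 -m connlimit --connlimit-above 5 -j REJECT --reject-with tcp-reset
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -m recent --set --name ftp
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -m recent --update --seconds 300 --hitcount 5 --name ftp -j DROP
-A SPAMHAUS -s 198.51.100.0/24 -j DROP
COMMIT
"""

# iptables match modules that limit connection count or rate.
LIMIT_MODULES = {"connlimit", "recent", "hashlimit", "limit"}

def parse_rules(dump):
    """Yield (chain, options) per '-A' line; options maps flag -> list of values."""
    for line in dump.splitlines():
        tok = shlex.split(line)
        if len(tok) < 2 or tok[0] != "-A" or "!" in tok:
            continue  # skip non-rule lines; negated matches are out of scope here
        opts, flag = {}, None
        for t in tok[2:]:
            if t.startswith("-"):
                flag = t
                opts.setdefault(flag, [])
            elif flag:
                opts[flag].append(t)
        yield tok[1], opts

def ftp_limit_rules(dump, port="21"):
    """Rules on the FTP control port that use a limiting match module."""
    hits = []
    for chain, o in parse_rules(dump):
        mods = LIMIT_MODULES & set(o.get("-m", []))
        if port in o.get("--dport", []) and mods:
            hits.append((chain, sorted(mods), o.get("-j", ["-"])[0]))
    return hits

def blocks_for_ip(dump, ip):
    """Chains holding a DROP/REJECT rule whose -s network contains ip."""
    addr = ipaddress.ip_address(ip)
    hits = []
    for chain, o in parse_rules(dump):
        src, target = o.get("-s"), o.get("-j", [""])[0]
        if src and target in ("DROP", "REJECT") and addr in ipaddress.ip_network(src[0], strict=False):
            hits.append((chain, src[0]))
    return hits
```

On a real server, feed the functions the text saved from `iptables-save` and the client IP that was banned; an empty result from both points away from the firewall ruleset.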
 