Anonymous FTP sessions slowly accumulate
in [Solaris]
|
Prev: UX:lp: ERROR: The LP print service could not read your request
Next: Solaris 10 OS Kernel version 5.10-2008.10 ***How to get it***
From: Gary Mills on 30 Nov 2009 22:06 I'm running an anonymous FTP server using the stock in.ftpd on Solaris 10. It works nicely, except that an idle session occasionally remains. Eventually, these reach the session limit, preventing new sessions from starting. This may take a month. I have to disable and enable the service when that happens to clear the idle sessions. This sort of idle session is always blocked on the same read(): # truss -p 21257 *** SUID: ruid/euid/suid = 49 / 49 / 0 *** read(9, 0x08045934, 1) (sleeping...) The socket looks like this: # pfiles 21257 21257: /usr/sbin/in.ftpd -a Current rlimit: 256 file descriptors 0: S_IFSOCK mode:0666 dev:287,0 ino:34722 uid:0 gid:0 size:0 O_RDWR SOCK_STREAM SO_REUSEADDR,SO_KEEPALIVE,SO_OOBINLINE,SO_SNDBUF(49152),SO_RCVBUF(49152),IP_NEXTHOP(0.192.0.0) sockname: AF_INET6 :: port: 0 ... 9: S_IFSOCK mode:0666 dev:287,0 ino:35230 uid:0 gid:0 size:0 O_RDWR SOCK_STREAM SO_KEEPALIVE,SO_SNDBUF(49152),SO_RCVBUF(49680),IP_NEXTHOP(16.194.0.0) sockname: AF_INET6 ::ffff:130.179.16.34 port: 14973 I've tried many things, all with no effect. All of the timeout settings except one had defaults in /etc/ftpd/ftpaccess. I tried setting `limit-time' to 360 minutes, with no effect. I tried changing the inetd `proto' setting from `tcp6' to `tcp'. That changed the socket type, but otherwise had no effect. The sockets all appear to be unconnected for these processes. Has anyone else seen this behavior? I couldn't find any relevant bug reports. What could be wrong? -- -Gary Mills- -Unix Group- -Computer and Network Services-
From: solx on 1 Dec 2009 05:08 On 01/12/2009 03:06, Gary Mills wrote: > I'm running an anonymous FTP server using the stock in.ftpd on Solaris > 10. It works nicely, except that an idle session occasionally > remains. Eventually, these reach the session limit, preventing new > sessions from starting. This may take a month. I have to disable and > enable the service when that happens to clear the idle sessions. > > This sort of idle session is always blocked on the same read(): > > # truss -p 21257 > *** SUID: ruid/euid/suid = 49 / 49 / 0 *** > read(9, 0x08045934, 1) (sleeping...) > > The socket looks like this: > > # pfiles 21257 > 21257: /usr/sbin/in.ftpd -a > Current rlimit: 256 file descriptors > 0: S_IFSOCK mode:0666 dev:287,0 ino:34722 uid:0 gid:0 size:0 > O_RDWR > SOCK_STREAM > SO_REUSEADDR,SO_KEEPALIVE,SO_OOBINLINE,SO_SNDBUF(49152),SO_RCVBUF(49152),IP_NEXTHOP(0.192.0.0) > sockname: AF_INET6 :: port: 0 > ... > 9: S_IFSOCK mode:0666 dev:287,0 ino:35230 uid:0 gid:0 size:0 > O_RDWR > SOCK_STREAM > SO_KEEPALIVE,SO_SNDBUF(49152),SO_RCVBUF(49680),IP_NEXTHOP(16.194.0.0) > sockname: AF_INET6 ::ffff:130.179.16.34 port: 14973 > > I've tried many things, all with no effect. All of the timeout > settings except one had defaults in /etc/ftpd/ftpaccess. I tried > setting `limit-time' to 360 minutes, with no effect. I tried changing > the inetd `proto' setting from `tcp6' to `tcp'. That changed the > socket type, but otherwise had no effect. > > The sockets all appear to be unconnected for these processes. Has > anyone else seen this behavior? I couldn't find any relevant bug > reports. What could be wrong? > Hi, I ran the stock in.ftpd for over ten years but never experienced this problem. Are you running the in.ftpd in standalone mode? ie # ./in.ftpd -s I used my own S100ftpserver script which was the last to run in rc3.d
From: Casper H.S. Dik on 1 Dec 2009 05:39 Gary Mills <mills(a)cc.umanitoba.ca> writes: >I've tried many things, all with no effect. All of the timeout >settings except one had defaults in /etc/ftpd/ftpaccess. I tried >setting `limit-time' to 360 minutes, with no effect. I tried changing >the inetd `proto' setting from `tcp6' to `tcp'. That changed the >socket type, but otherwise had no effect. What is the output of netstat for the connections? Casper -- Expressed in this posting are my opinions. They are in no way related to opinions held by my employer, Sun Microsystems. Statements on Sun products included here are not gospel and may be fiction rather than truth.
From: Gary Mills on 1 Dec 2009 07:51 In <oI6dnQYpwoyCdonWnZ2dnUVZ8jqdnZ2d(a)pipex.net> solx <nospam(a)example.net> writes: >On 01/12/2009 03:06, Gary Mills wrote: >> I'm running an anonymous FTP server using the stock in.ftpd on Solaris >> 10. It works nicely, except that an idle session occasionally >> remains. Eventually, these reach the session limit, preventing new >> sessions from starting. This may take a month. I have to disable and >> enable the service when that happens to clear the idle sessions. >I ran the stock in.ftpd for over ten years but never experienced this >problem. Are you running the in.ftpd in standalone mode? >ie # ./in.ftpd -s >I used my own S100ftpserver script which was the last to run in rc3.d No, it's an SMF service, running under the inetd restarter in Solaris 10. -- -Gary Mills- -Unix Group- -Computer and Network Services-
From: Gary Mills on 1 Dec 2009 07:55
In <4b14f252$0$22941$e4fe514c(a)news.xs4all.nl> Casper H.S. Dik <Casper.Dik(a)Sun.COM> writes: >Gary Mills <mills(a)cc.umanitoba.ca> writes: >>I've tried many things, all with no effect. All of the timeout >>settings except one had defaults in /etc/ftpd/ftpaccess. I tried >>setting `limit-time' to 360 minutes, with no effect. I tried changing >>the inetd `proto' setting from `tcp6' to `tcp'. That changed the >>socket type, but otherwise had no effect. >What is the output of netstat for the connections? I've just restarted the service, so I'll have to wait a few days for one to appear. Is there a way to specify a port or process with netstat, or do I need to start with all TCP connections? -- -Gary Mills- -Unix Group- -Computer and Network Services- |