--=-wZhd+y5r37z3kNHUwh2w
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

В Птн, 08/09/2006 в 12:31 -0500, Thomas L. Shinnick пишет:
> At 09:54 AM 9/8/2006, =?koi8-r?Q?=F0=CF=CB=CF=D4=C9=CC=C5=CE=CB=CF_?=
> =?koi8-r?Q?=EB= wrote:
> > Is this possible?
> >
> > I've defined 2 virtual hosts on the same ip address but on different
> > port + one standard on port 21.
> >
> > When trying to connect to one of virtual hosts (not port 21) I
> > always
> > geting into the standard repository.
> >
> > Config attached.
> >
> > --
> > ðÏËÏÔÉÌÅÎËÏ ëÏÓÔÉË

>
> I tried to duplicate your config in my environment, and it all works
> under ProFTPD 1.3.0. There's only one 'bug' in your config that I
> can see. FTP needs to use _two_ port addresses, the port you name and
> one less than that, for data connections. So when you said "Port
> 3422" you would also be using port 3421 for that same VirtualHost,
> overlapping the other VirtualHost. But even when I used the same
> (bad) port numbers, I could still get connected.
>
> Here's some pieces of the config I tested with:
> ServerType standalone
> DefaultServer off
>
> ServerName "Base FTP server"
> ServerIdent on "Base FTP server ready."
> Port 21
>
>
> Port 3420
> ServerName "First Virtual FTP server"
> ServerIdent on "First Virtual FTP server ready."
>

>
>
> Port 3422
> ServerName "Second Virtual FTP server"
> ServerIdent on "Second Virtual FTP server ready."
>

>
> Note that I use the ServerName and ServerIdent values to help me see
> _which_ site config I've really connected to.
>
> When I start this up I see the three sets of ports being used:
> (under Solaris the command is "netstat -a -P tcp -f inet", under
> Linux I use "netstat -t -l -p" to see which ports are being
> listened to)
> *.ftp *.* 0 0 49152 0 LISTEN
> *.3420 *.* 0 0 49152 0 LISTEN
> *.3422 *.* 0 0 49152 0 LISTEN
>
> When I test from command-line I see these results:
> ftp ftptest
> 220 Base FTP server ready.
>
> ftp ftptest 3420
> 220 First Virtual FTP server ready.
>
> ftp ftptest 3422
> 220 Second Virtual FTP server ready.
> so it all works just fine.
>
> I changed the config to use your (bad) ports, like so:
>
> Port 3422
>
>
> Port 3421
>
> And restarted and retested and saw:
> *.ftp *.* 0 0 49152 0 LISTEN
> *.3422 *.* 0 0 49152 0 LISTEN
> *.3421 *.* 0 0 49152 0 LISTEN
>
> ftp ftptest
> 220 Base FTP server ready.
>
> ftp ftptest 3421
> 220 Second Virtual FTP server ready.
>
> ftp ftptest 3422
> 220 First Virtual FTP server ready.
>
> so it all still worked for connecting. (If you tried data transfers
> or directory listings the overlapping ports will cause trouble)
>
> So, fix the ports, and try putting in the ServerName and ServerIdent
> values, and see if that helps you figure out what is _really_
> happening. Maybe you weren't specifying the port numbers correctly
> when testing?


Unfortunately, this doesn't help either.

# proftpd -nd5 2>&1 >& /var/log/proftpd.debug &

# netstat -ntl | grep 21
tcp 0 0 0.0.0.0:3521 0.0.0.0:*
LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:*
LISTEN
tcp 0 0 0.0.0.0:3421 0.0.0.0:*
LISTEN

# ftp localhost
Connected to localhost.localdomain.
220 Main FTP server.
Name (localhost:root): casper
331 Password required for casper.
Password:
230 User casper logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> by
221 Goodbye.

# ftp localhost 3421
Connected to localhost.localdomain.
220 Main FTP server.
Name (localhost:root): casper
331 Password required for casper.
Password:
230 User casper logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> by
221 Goodbye.

# ftp localhost 3521
Connected to localhost.localdomain.
220 Main FTP server.
Name (localhost:root): casper
331 Password required for casper.
Password:
230 User casper logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> by
221 Goodbye.

Config file and /var/log/proftpd.debug are attached.


--
Покотиленко Костик

--=-wZhd+y5r37z3kNHUwh2w
Content-Disposition: attachment; filename=proftpd.conf
Content-Type: text/plain; name=proftpd.conf; charset=koi8-u
Content-Transfer-Encoding: 7bit

#
# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

ServerName "Debian"
ServerType standalone
ServerIdent on "Main FTP server."
DeferWelcome off

MultilineRFC2228 on
DefaultServer on
ShowSymlinks on

TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200

DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions "-l"

DenyFilter \*.*/

QuotaEngine on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd off

# Uncomment this if you would use TLS module:
#TLSEngine on

# Uncomment this if you would use quota module:
#Quotas on

# Uncomment this if you would use ratio module:
#Ratios on

# Port 21 is the standard FTP port.
Port 21

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30

# Set the user and group that the server normally runs at.
User nobody
Group nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?pag...LSS-2004-10-02
# It is on by default.
#DelayEngine off

# A basic anonymous configuration, no upload directories.

QuotaDisplayUnits Mb
QuotaLimitTable file:/etc/proftpd/ftpquota.limittab
QuotaTallyTable file:/etc/proftpd/ftpquota.tallytab
QuotaLog /var/log/proftpd_quota.log



# DefaultRoot ~ftp

User ftp
Group ftp

#
# # Umask 022 is a good standard umask to prevent new files and dirs
# # (second parm) from being group and world writable.
# Umask 002 002
# GroupOwner ftp
#






ServerName "Virt1: public FTP server"
ServerIdent on "Virt1: public FTP server."
Port 3421
Umask 002


User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Cosmetic changes, all files belongs to ftp user
DirFakeUser on ftp
DirFakeGroup on ftp

RequireValidShell off

# Limit the maximum number of anonymous logins
MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message



AllowAll


# Limit WRITE everywhere in the anonymous chroot

Umask 002 002

AllowAll







ServerName "Virt2: incoming FTP server"
ServerIdent on "Virt2: incoming FTP server."
Port 3521
Umask 002


User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Cosmetic changes, all files belongs to ftp user
DirFakeUser on ftp
DirFakeGroup on ftp

RequireValidShell off

# Limit the maximum number of anonymous logins
MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message


AllowAll


# Uncomment this if you're brave.

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 002 002

AllowAll


DenyAll


AllowAll







--=-wZhd+y5r37z3kNHUwh2w
Content-Disposition: attachment; filename=proftpd.debug.gz
Content-Type: application/x-gzip; name=proftpd.debug.gz
Content-Transfer-Encoding: base64

H4sICDM4BUUAA3Byb2Z0cGQuZGVidWcA7Zpdb9s2FIZ73V/BOydYI393mYFeFHHaBXDjNLJRDMNg
0BIdc6ZIlaTi5d+PVr2sXpLFnSjJHd6nF3EB6bwidfh19L54AQ AAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAFAhkZILppmMWPA7nc+ZDlbrIE 6DjJIjoSIqlsrYIP8Vq4Ry+Wu7
82PQcv/avx2TE/JuckUMM4YrSTT7nDFjWUwWWiUkkyup1pJEghrzsqiQu1+yaBP8 hORXETIg95cM
Om2vCpolyrIdhW6/2+0XFvm6v1TKJIuDwjFjblJqoyWXN+Tq+nx29mHoGpMkVMakMQ 3Pr0lETcp0
g1hFEhXPNFtrbln1wlYUT4RvFo2UrqGp9ajGTNC76mVpZpdeVZ 9PYWq5qlbSeyOvxuGkjlc6Gr9/
Xlaom3Lz6OptGJKjJY9jJo+rnZoely59cnpctvyJ4rB0K5iiHh dea5rWktI05lktqVXutFyiZuEA
Z+5+fkMWSpMhm3MqB4VDhkzfMn3hGmsLxxoyd/snJlxfFh+DLhjNhP3yfMWbuVTr8C4RXK6K5+yE
J0xl9lJNNJVm4eHxthFDS4Vgsa9wF7Hw8B7cQHFT20jdcOkr2D uujT1bxrx4z424sePU7Zpk8fc6
ZNI9mrAeXujHTFl6Ll2fFX8DU+MG6NBLmEvqYWS+1ypLPTxQHs fLE00TalYeklP7CfRWCLUeu2nL
z6Yvz6XtyJlKbosneh5xxBNuJ3TuYY7I403c3HXnMd7Iw1YdQ+ fZLcX0+vr8cnJyNrpwf8LiXeUO
XV6CbE9uA5KvPMRkUcSMWWSieGXJhXNLzyxasmg1cxHF0fGAuN 3gkrwhjabbGa6at1TH1NLm0m1l
mtsz5Cuyufb56zyXvh4cp584+Hg4BmzjNNtBa+D6P6VzLrjlzJ DGm83/Z5LZ2ZzLeOYGxC2P2A8s
bdTSWr7YlhtrUdeMxh7G3n+RLuGcuW+jSzjw7SntvYaxd5N9l+ P2Vf68WQEtndci7r1Itq9uPW/Z
ez3hQSWymm7eU7aEpP5n3Sb8JZxUW/vcUSy95LmjVn7FsVy5CqUeZOiOXOm1+Y/Ti4rTckex9LTc
USs/LeuU850rJTfs6+/jkVDGx/fxQ/EodHvluxR6/W7vNVwKcCkcsipcCnApwKUAl8IB68KlAJcC
XApwKcClAJcCXApwKcClAJfC9zB04FKAS+FeFy4FuBTgUoBLAS 4FuBTgUoBLAS4Fn4pwKcCl8H90
KfQrcCn0fmp34FKAS+GQVeFSgEvhybJKHqnZCnoDkv/cPMPmO167e9rtnZ62WiQzLPI7QitzRGwm
VpGX6SxP3ByuMvtq8yT3szoW0LoX0E6vd4oFFAvoIatiAcUC+s 0LaP97XjhhJTxgSx+shLASFpqH
YSWElRBWQlgJYSV8KtDh+aFgJYSVEEMHVkJYCWElhJWwYG2m3W v1u/1u77SEGg1si7AtwrYI2yJs
iwfiI4RtsdiHVamI3RaB8s/otX9EPyFXWrl7hsQynXDpBqDrjCPDbyQVpHO8373toBO0W8RY1 3NU
KMk2ncZI+PN0Mhx/uvz3IG43wXJV9gc3+Q+zebtz5fbKbt/stsxNnclmqtXCpvFff4O/L2q8/BNd
FcQjnqkAAA==


--=-wZhd+y5r37z3kNHUwh2w
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
--=-wZhd+y5r37z3kNHUwh2w
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
--=-wZhd+y5r37z3kNHUwh2w--