Author Topic: PASV - long execution time  (Read 255 times)

Offline macieii

  • New user
  • *
  • Posts: 1
    • View Profile
PASV - long execution time
« on: January 07, 2017, 09:37:45 am »
Hi All,
I have an annoying issue with uploading to an proftpd-based server. One of the tools I'm using uses the ftp to transfer files to the server. It's a kind of a custom FTP client. ftpdpro runs as a part of a Plesk installation, inetd mode.

In general it works, but at certain points the upload process stops for exactly 30 seconds. This break is repeated a number of times increasing to nearly 10 minutes otherwise short upload time. I'm struggling to find a root cause solution to this issue... It looks like it is the PASV command that is causing the issue ? (switching to acive mode didn't help, the client crashed). But is this really so ? Any ideas on what to check or change ?

Any help will be appreciated!
Thank you

The ftp.log (ExtendedLog) shows
xxxx UNKNOWN ftp_analizy [07/Jan/2017:07:15:53 +0100] "SITE chmod 755 /abcdefghijklmnopqrstuvwxyz" 550 -
xxxx UNKNOWN ftp_analizy [07/Jan/2017:07:15:53 +0100] "PASV" 227 -
xxxx UNKNOWN ftp_analizy [07/Jan/2017:07:16:24 +0100] "LIST /Ag001_tesity" 226 340

SystemLog shows
2017-01-07 07:15:54,019 xxxx proftpd[6841] ([]): dispatching CMD command 'LIST /Ag001_tesity' to mod_ls
2017-01-07 07:15:54,019 xxxx proftpd[6841] ([]): passive data connection opened - local  : <ip>:58298
2017-01-07 07:15:54,019 xxxx proftpd[6841] ([]): passive data connection opened - remote :
2017-01-07 07:16:24,050 xxxx proftpd[6841] ([]): dispatching POST_CMD command 'LIST /Ag001_tesity' to mod_ratio
2017-01-07 07:16:24,050 xxxx proftpd[6841] ([]): dispatching LOG_CMD command 'LIST /Ag001_tesity' to mod_log
2017-01-07 07:16:24,050 xxxx proftpd[6841] ([]): dispatching LOG_CMD command 'LIST /Ag001_tesity' to mod_ls

Proftpd -vv
ProFTPD Version: 1.3.5b (maint)
  Scoreboard Version: 01040003
  Built: Wed Apr 27 2016 18:35:42 NOVT

Loaded modules:


ServerName                      "ProFTPD"
#ServerType                     standalone
ServerType                      inetd
DefaultServer                   on

DefaultRoot     ~               psacln
AllowOverwrite          on
<IfModule mod_tls.c>
        TLSEngine on
        TLSRequired off

        TLSLog /var/log/plesk/ftp_tls.log

        TLSRSACertificateFile /opt/psa/admin/conf/httpsd.pem
        TLSRSACertificateKeyFile /opt/psa/admin/conf/httpsd.pem
        TLSVerifyClient off
        TLSRenegotiate none


DefaultTransferMode     binary
UseFtpUsers                     on

TimesGMT                        off
SetEnv TZ :/etc/localtime
Port                            21
Umask                           022
MaxInstances                    30
ExtendedLog /var/log/ftp.log ALL
SystemLog /var/log/ftps.log ALL
ListOptions "" strict
UseGlobbing on

#Plesk-generated part
ScoreboardFile /var/run/proftpd.scoreboard
TransferLog /var/log/plesk/xferlog

<Directory /var/www/vhosts>
        GroupOwner      psacln

AuthPAM on
AuthPAMConfig proftpd

IdentLookups off
UseReverseDNS off

AuthGroupFile   /etc/group

Include /etc/proftpd.d/*.conf

Any support will be greatly appreciated!
Thank you

Offline castaglia

  • Administrator
  • Support Hero
  • *****
  • Posts: 5373
    • View Profile
Re: PASV - long execution time
« Reply #1 on: January 09, 2017, 05:41:58 pm »
Is there a NAT/firewall/router between your FTP client and the FTP server?  If so, you may need to explicitly configure a range of ports, in the NAT/firewall/router, for use for passive transfers -- and a PassivePorts directive to tell ProFTPD to use that same range of ports:

Timeouts like the one you're describing often happen because the FTP client times out trying to connect to the address/port specified by the FTP server in its PASV response -- and that address/port is often unavailable because some NAT/firewall/router blocks the connection to that random/high-numbered port.


sighted planning