Pure-ftpd: first connection works, second connection fails

This document (7011289) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 11 Service Pack 2

Situation

After launching pure-ftpd, the first FTP client session will work.  The second (and thereafter) will be closed with a message such as:
 
421  Service not available, remote server has closed connection.
 
If pure-ftpd is restarted, the pattern will repeat.

Resolution

Edit /etc/pure-ftpd/pure-ftpd.conf and examine the "PassivePortRange" setting.  It should appear as:
 
PassivePortRange  minport:maxport
 
Where "minport" is the beginning of the passive port range, and "maxport" is the end.  If these 2 numbers are the same, pure-ftpd will malfunction.  The size of the range [(max minus min) plus 1] should be twice the size of the number of FTP clients that are to be supported.  For example, a range of 30001:30100 is 100 in size and will support 50 clients.

Cause

Administrators are often finding that this range of ports has been set to "1024:1024", thus causing this behavior.  That invalid setting comes from a malfunction in yast's FTP Server configuration tool (yast2-ftp-server).
 
To make sure yast doesn't misread this setting and replace it, it should have a colon between the numbers.  This is a yast issue, as pure-ftpd.conf (on SLES) accepts either a colon or a space for this particular setting.  Yast is not recognizing the space, and therefore replaces the entire line with a new one.  The new line, as "corrected" by yast, is (ironically) invalid, because it starts and ends at the same port number.
 
A fix to yast is available in the package yast2-ftp-server, version 2.17.9-0.5.2, which is availabe in SLES 11 SP2 online updates as of December 2012.  This will allow yast to recognize both the space and the colon (:), and the line will not be replaced.  Even so, if this configuration line has already been written incorrectly, it will need to be corrected manually.
 
NOTE:  The existance of the "yast2-ftp-server" module is relatively new, for SLES.  It has not been included for long.  In the experience and opinion of this TID author, this module still has potential issues and sometimes does undesirable things to the pure-ftpd.conf file; and continuing the previous method of editing the pure-ftpd.conf manually will lead to the most predictable results.

Additional Information

 

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7011289
  • Creation Date: 31-Oct-2012
  • Modified Date:03-Mar-2020
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback@suse.com

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.


SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center