proftpd-mod_proxy icon indicating copy to clipboard operation
proftpd-mod_proxy copied to clipboard
verified publisher icon Castaglia

Data Upload Fails after around 200k

Open mikepultz opened this issue 7 years ago • 4 comments

Hello,

I've set up mod_proxy with ProFTPD 1.3.6, as a reverse proxy to another ProFTPD instance on another server.

Downloading files seems to be fine- and uploading directly to the other ProFTPD instance works fine- but when I upload a file via the proxy, I receive this error in the proxy log:

2018-07-23 04:43:44,703 mod_proxy/0.5[14754]: error writing 16384 bytes of data to destination data connection: Success
2018-07-23 04:43:44,703 mod_proxy/0.5[14754]: unable to proxy data between frontend/backend, closing data connections

From my FTP client (FileZilla) I see:

Status:	Starting upload of C:\Users\Mike\Desktop\ps.zip
Command:	CWD /
Response:	250 CWD command successful
Command:	PWD
Response:	257 "/" is the current directory
Command:	TYPE I
Response:	200 Type set to I
Command:	PASV
Response:	227 Entering Passive Mode (18,206,181,1,249,138).
Command:	STOR ps.zip
Response:	150 Opening BINARY mode data connection for ps.zip
Response:	226 Transfer complete
Error:	File transfer failed after transferring 196,608 bytes in 1 second

and then it retries several times.

Any thoughts would be appreciated!

Mike

mikepultz avatar Jul 23 '18 04:07 mikepultz

Here is my current configuration:

ServerName      "Test FTP Server"
ServerType      standalone
DefaultServer   on
DefaultAddress  192.168.100.110
Port            21

UseIPv6         off
Umask           022
MaxInstances    30
User            root
Group           root
DefaultRoot     ~
UseReverseDNS   off
ScoreboardFile  /var/run/proftpd.pid
SyslogLevel     debug
SyslogFacility  LOCAL4
TransferLog     /u/logs/ftp/transfer.log

LogFormat       default "%h %l %u %t \"%r\" %s %b"
LogFormat       auth    "%v [%P] %h %t \"%r\" %s"
LogFormat       write   "%h %l %u %t \"%r\" %s %b"

AllowStoreRestart   on
PassivePorts        60000 65535
AllowForeignAddress on
MasqueradeAddress   x.x.x.x # public IP

#
# Global settings
#
<Directory /*>
    AllowOverwrite yes
</Directory>

#
# TLS
#
TLSEngine on
TLSProtocol SSLv3 TLSv1
TLSRequired off
TLSVerifyClient off
TLSRenegotiate none
TLSCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
TLSRSACertificateFile /etc/certs/domain.ca.pem
TLSRSACertificateKeyFile /etc/certs/domain.ca.key

#
# Proxy
#
ProxyEngine on
ProxyLog /u/logs/ftp/proxy.log
ProxyTables /tmp/proxy.table

ProxyRole reverse
ProxyReverseConnectPolicy RoundRobin
#ProxyReverseServers ftp://76.9.192.78:21 ftp://76.9.192.79:21
ProxyReverseServers ftp://76.9.192.78:21                     
ProxyTLSVerifyServer off

mikepultz avatar Jul 23 '18 15:07 mikepultz

I wonder if this is related to https://github.com/proftpd/proftpd/issues/959. Is your FTPS client using TLSv1.3, perhaps? Hmm...or maybe it's not related to FTPS as well. I'll have to see if I can reproduce this locally.

Castaglia avatar Apr 05 '20 17:04 Castaglia

Hmm. I'm not able to reproduce this locally. @mikepultz is still an issue for you, using the latest mod_proxy code?

Castaglia avatar May 30 '20 16:05 Castaglia

If there's nothing more to add to this ticket, I'd like to close it.

Castaglia avatar Aug 12 '23 23:08 Castaglia