ProFTPD Server Software

Thomas Böhne schrieb:
> I had proftpd running properly in FTPES mode, requireing TLS/SSL on both 
> the data and the control channel. I cannot remember making any changes 
> to the config, but now all connections terminate, see client log below 
> (IP addresses, user names and hostnames changed):
> 
> Status:	Auflösen der IP-Adresse für replaced.dyndns.org
> Status:	Verbinde mit 62.143.179.70:46021...
> Status:	Verbindung hergestellt, warte auf Willkommensnachricht...
> Antwort:	220 ToBoX FTP Server
> Befehl:	AUTH TLS
> Antwort:	234 AUTH TLS successful
> Status:	Initialisiere TLS...
> Status:	Überprüfe Zertifikat...
> Befehl:	USER andrea
> Status:	TLS/SSL-Verbindung hergestellt.
> Antwort:	331 Password required for XXXXXXX
> Befehl:	PASS *****
> Antwort:	230 Anonymous access granted, restrictions apply
> Befehl:	OPTS UTF8 ON
> Antwort:	200 UTF8 set to on
> Befehl:	PBSZ 0
> Antwort:	200 PBSZ 0 successful
> Befehl:	PROT P
> Antwort:	200 Protection set to Private
> Status:	Verbunden
> Status:	Empfange Verzeichnisinhalt...
> Befehl:	PWD
> Antwort:	257 "/" is the current directory
> Befehl:	TYPE I
> Antwort:	200 Type set to I
> Befehl:	PASV
> Antwort:	227 Entering Passive Mode (62,143,179,7,116,35).
> Befehl:	MLSD
> Antwort:	150 Opening ASCII mode data connection for MLSD
> Fehler:	Verbindung vom Server geschlossen
> Fehler:	Verzeichnisinhalt konnte nicht empfangen werden
> 
> Sorry for the german messages, but I guess the important things are 
> english. The last lines translate to "connection closed by server, could 
> not read directory contents".
> 
> These are the last lines of the debug level 10 output; I can provide the 
> full log if necessary.
> 
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - dispatching CMD command 'PASV' to mod_core
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - Entering Passive Mode (62,143,179,70,114,207).
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - dispatching LOG_CMD command 'PASV' to mod_log
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - dispatching PRE_CMD command 'MLSD' to mod_rewrite
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - dispatching PRE_CMD command 'MLSD' to mod_tls
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - dispatching PRE_CMD command 'MLSD' to mod_core
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - dispatching PRE_CMD command 'MLSD' to mod_core
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - dispatching CMD command 'MLSD' to mod_facts
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - UseReverseDNS off, returning IP address instead of DNS name
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - passive data connection opened - local  : ::ffff:192.168.242.215:29391
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - passive data connection opened - remote : ::ffff:192.168.242.1:49755
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - mod_tls/2.2.2: client-initiated session renegotiation detected, aborting connection
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - mod_tls/2.2.2: scrubbing 1 passphrase from memory
> qnap.toboxnet (::ffff:192.168.242.1[::ffff:192.168.242.1]) - FTP session closed.
> qnap.toboxnet - ProFTPD terminating (signal 2)
> qnap.toboxnet - ROOT PRIVS at main.c:1988
> qnap.toboxnet - ROOT PRIVS at mod_delay.c:1145
> qnap.toboxnet - RELINQUISH PRIVS at mod_delay.c:1147
> qnap.toboxnet - mod_tls/2.2.2: scrubbing 1 passphrase from memory
> qnap.toboxnet - mod_ban/0.5.3: error detaching shm: Invalid argument
> qnap.toboxnet - ROOT PRIVS at mod_ban.c:1707
> qnap.toboxnet - RELINQUISH PRIVS at mod_ban.c:1709
> qnap.toboxnet - mod_ban/0.5.3: error removing shmid -1: No such file or directory
> qnap.toboxnet - RELINQUISH PRIVS at main.c:2010
> qnap.toboxnet - ProFTPD 1.3.2b standalone mode SHUTDOWN
> qnap.toboxnet - ROOT PRIVS at main.c:2017
> qnap.toboxnet - deleting existing scoreboard '/var/run/proftpd/proftpd.scoreboard'
> qnap.toboxnet - RELINQUISH PRIVS at main.c:2019
> 
> Any Ideas? The Client was FileZilla, but the problem occurred with curlftp as well.
> 
> Regards,
> Thomas
> 
> 
> 
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
> trial. Simplify your report design, integration and deployment - and focus on 
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> ProFTPD Users List   <proftpd-users@...>
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html

may no thelp your question, but for info
we had problems with ftpes by our old checkpoint firewall
so we use sftp now

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

> qnap.toboxnet - deleting existing scoreboard
> '/var/run/proftpd/proftpd.scoreboard'
> qnap.toboxnet - RELINQUISH PRIVS at main.c:2019
>
> Any Ideas? The Client was FileZilla, but the problem occurred with curlftp
> as well.
>
> Regards,
> Thomas
>
>
>

Hi!,

I would advise you to disable all other modules when trying to debug a
problem with concretely one module... (sometimes mod_delay caused some
issues... although I'm not saying is the problem here)... Some time ago
too there were some version of filezilla whose behavior wan't the
described in RFC.Try it with filezilla 3.2.0 and disable requiring tls
over data channels too and try it...

After doing this checks comment us  the result and paste the config of the
ssl module please too.

Bye!

On Monday 30 November 2009, Robert Schetterer wrote:
> Thomas Böhne schrieb:
> > I had proftpd running properly in FTPES mode, requireing TLS/SSL on both
> > the data and the control channel. I cannot remember making any changes
> > to the config, but now all connections terminate, see client log below
> > (IP addresses, user names and hostnames changed):
> may no thelp your question, but for info
> we had problems with ftpes by our old checkpoint firewall
> so we use sftp now

The problem is not the firewall. It seems to be a debian specific problem 
introduced in the update from 1.3.2b-1 to 1.3.2b-2 (I assume that 1.3.2b is 
the proftpd version, and the -1 and -2 are debian patches). 

I have now reported the bug here:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558597

If this is not a debian specific problem, I will post to this mailing list 
again.

Regards,
Thomas

Thomas Böhne schrieb:
> On Monday 30 November 2009, Robert Schetterer wrote:
>> Thomas Böhne schrieb:
>>> I had proftpd running properly in FTPES mode, requireing TLS/SSL on both
>>> the data and the control channel. I cannot remember making any changes
>>> to the config, but now all connections terminate, see client log below
>>> (IP addresses, user names and hostnames changed):
>> may no thelp your question, but for info
>> we had problems with ftpes by our old checkpoint firewall
>> so we use sftp now
> 
> The problem is not the firewall.

for sure "our" problem is a firewall problem, cause problem apears
with ftpes vstfpd too and many tested ftp clients
it only works with override many security for the ftp clients host ip in
the firewall here,
i think it would be fixable by update the checkpoint
but option is used so rare that switching to sftp is enough solve vor us
this might not say that there are no additional bugs in debian or whatever

 It seems to be a debian specific problem
> introduced in the update from 1.3.2b-1 to 1.3.2b-2 (I assume that 1.3.2b is 
> the proftpd version, and the -1 and -2 are debian patches). 
> 
> I have now reported the bug here:
> 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558597
> 
> If this is not a debian specific problem, I will post to this mailing list 
> again.
> 
> Regards,
> Thomas
> 
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
> trial. Simplify your report design, integration and deployment - and focus on 
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> ProFTPD Users List   <proftpd-users@...>
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html


-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

>The problem is not the firewall. It seems to be a debian specific problem 
>introduced in the update from 1.3.2b-1 to 1.3.2b-2 (I assume that 1.3.2b is 
>the proftpd version, and the -1 and -2 are debian patches). 
>
>I have now reported the bug here:
>
>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558597
>
>If this is not a debian specific problem, I will post to this mailing list 
>again.

This bug is actually fallout from the fix for this:

  http://bugs.proftpd.org/show_bug.cgi?id=3324

which was, I think, backported in some of the Debian packages.  However, that 
fix was incomplete, and caused issues for data transfers (which you are 
encountering).  This data transfer issue has been fixed in CVS, but perhaps not 
yet picked up by the Debian packages.

Cheers,
TJ

hi !

i noticed in your log:

Befehl: USER andrea
Status: TLS/SSL-Verbindung hergestellt.
Antwort:        331 Password required for XXXXXXX
Befehl: PASS *****
Antwort:        230 Anonymous access granted, restrictions apply

so user "andrea" gets " Anonymous access granted ?

i play'd around with ubuntu and proftpd-packages and source ... i remember
some thing about that:

sometimes its necessary to remove the anonymous-section completely from the
config file... cannot recall in which versions but maybee it has to do
something which what tj said.

greetings

chris





2009/11/30 TJ Saunders <tj@...>

>
> >The problem is not the firewall. It seems to be a debian specific problem
> >introduced in the update from 1.3.2b-1 to 1.3.2b-2 (I assume that 1.3.2b
> is
> >the proftpd version, and the -1 and -2 are debian patches).
> >
> >I have now reported the bug here:
> >
> >http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558597
> >
> >If this is not a debian specific problem, I will post to this mailing list
> >again.
>
> This bug is actually fallout from the fix for this:
>
>  http://bugs.proftpd.org/show_bug.cgi?id=3324
>
> which was, I think, backported in some of the Debian packages.  However,
> that
> fix was incomplete, and caused issues for data transfers (which you are
> encountering).  This data transfer issue has been fixed in CVS, but perhaps
> not
> yet picked up by the Debian packages.
>
> Cheers,
> TJ
>
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> ProFTPD Users List   <proftpd-users@...>
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html
>



-- 
please don't send me word - documents (
http://www.gnu.org/philosophy/no-word-attachments.html)

On Tuesday 01 December 2009, Leutnant Steiner wrote:
> Befehl: USER andrea
> Status: TLS/SSL-Verbindung hergestellt.
> Antwort:        331 Password required for XXXXXXX
> Befehl: PASS *****
> Antwort:        230 Anonymous access granted, restrictions apply
>
> so user "andrea" gets " Anonymous access granted ?

Using <Anonymous> for virtual users is a hack, but worked properly for me. 
Actually, I did not create the initial configuration by myself but used 
gadmin-proftpd as a GUI frontend. Now I just add new <Anonymous> sections for 
virtual users by editing the config file. 

Regards
Thomas

aha ok... was just a guess.

but what's the benefit of using anonymous user instead of a system user for
virtual users?

btw: here is a setup helper included for proftpd with myql +tls ( put it in
a webroot and see )...at least how i like it ... mind to try:


http://sourceforge.net/apps/mediawiki/proftpd-web-adm/index.php?title=Install
    http://sourceforge.net/projects/proftpd-web-adm/develop
    if interested use the svn-version.


greetings

chris


2009/12/1 Thomas Böhne <tobox@...>

> On Tuesday 01 December 2009, Leutnant Steiner wrote:
> > Befehl: USER andrea
> > Status: TLS/SSL-Verbindung hergestellt.
> > Antwort:        331 Password required for XXXXXXX
> > Befehl: PASS *****
> > Antwort:        230 Anonymous access granted, restrictions apply
> >
> > so user "andrea" gets " Anonymous access granted ?
>
> Using <Anonymous> for virtual users is a hack, but worked properly for me.
> Actually, I did not create the initial configuration by myself but used
> gadmin-proftpd as a GUI frontend. Now I just add new <Anonymous> sections
> for
> virtual users by editing the config file.
>
> Regards
> Thomas
>
>
> ------------------------------------------------------------------------------
> Join us December 9, 2009 for the Red Hat Virtual Experience,
> a free event focused on virtualization and cloud computing.
> Attend in-depth sessions from your desk. Your couch. Anywhere.
> http://p.sf.net/sfu/redhat-sfdev2dev
> _______________________________________________
> ProFTPD Users List   <proftpd-users@...>
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html
>



-- 
please don't send me word - documents (
http://www.gnu.org/philosophy/no-word-attachments.html)

On Tuesday 01 December 2009, Leutnant Steiner wrote:
> but what's the benefit of using anonymous user instead of a system user for
> virtual users?

I don't know; I just used the GUI to set up virtual users, and the GUI used 
the anonymous user hack.

> btw: here is a setup helper included for proftpd with myql +tls ( put it in
> a webroot and see )...at least how i like it ... mind to try:
>
> http://sourceforge.net/apps/mediawiki/proftpd-web-adm/index.php?title=Insta
>ll http://sourceforge.net/projects/proftpd-web-adm/develop
>     if interested use the svn-version.

I just rewrote my config to use virtual users using <Directory> sections 
instead of <Anonymous>, and that works as expected with 1.3.2b-1; with 
1.3.2b-2, the old error occurs again. 

Regards
Thomas

ok, all i can say then is: in 1.3.3rc3 (CVS) , tls mysql works.

just to make sure we are talking about virutal users and not virtual servers
?

so it's mysql backend ?
can you post a config-example of what you are doing with the directory
directive and virtual users? and directives about the backend ...
in my setup i don't need directory directives for making that work ..
little confused now .... or do i miss something ?

greetings





2009/12/1 Thomas Böhne <tobox@...>

> On Tuesday 01 December 2009, Leutnant Steiner wrote:
> > but what's the benefit of using anonymous user instead of a system user
> for
> > virtual users?
>
> I don't know; I just used the GUI to set up virtual users, and the GUI used
> the anonymous user hack.
>
> > btw: here is a setup helper included for proftpd with myql +tls ( put it
> in
> > a webroot and see )...at least how i like it ... mind to try:
> >
> >
> http://sourceforge.net/apps/mediawiki/proftpd-web-adm/index.php?title=Insta
> >ll http://sourceforge.net/projects/proftpd-web-adm/develop
> >     if interested use the svn-version.
>
> I just rewrote my config to use virtual users using <Directory> sections
> instead of <Anonymous>, and that works as expected with 1.3.2b-1; with
> 1.3.2b-2, the old error occurs again.
>
> Regards
> Thomas
>
>
> ------------------------------------------------------------------------------
> Join us December 9, 2009 for the Red Hat Virtual Experience,
> a free event focused on virtualization and cloud computing.
> Attend in-depth sessions from your desk. Your couch. Anywhere.
> http://p.sf.net/sfu/redhat-sfdev2dev
> _______________________________________________
> ProFTPD Users List   <proftpd-users@...>
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html
>



-- 
please don't send me word - documents (
http://www.gnu.org/philosophy/no-word-attachments.html)

On Tuesday 01 December 2009, Leutnant Steiner wrote:
> ok, all i can say then is: in 1.3.3rc3 (CVS) , tls mysql works.
>
> just to make sure we are talking about virutal users and not virtual
> servers ?

Virtual users.

> so it's mysql backend ?

No, just a list of users in AuthUserFile.

> can you post a config-example of what you are doing with the directory
> directive and virtual users? and directives about the backend ...
> in my setup i don't need directory directives for making that work ..
> little confused now .... or do i miss something ?

This is my complete config (usernames, passwords and groups are 
in separate files in /etc/gadmin-proftpd/users/ ):

ModulePath /usr/lib/proftpd
LoadModule mod_ctrls_admin.c
LoadModule mod_tls.c
LoadModule mod_radius.c
LoadModule mod_quotatab.c
LoadModule mod_quotatab_file.c
LoadModule mod_quotatab_radius.c
LoadModule mod_wrap.c
LoadModule mod_rewrite.c
LoadModule mod_load.c
LoadModule mod_ban.c
LoadModule mod_wrap2.c
LoadModule mod_wrap2_file.c
LoadModule mod_dynmasq.c
LoadModule mod_ifsession.c
ServerType standalone
DefaultServer on
Umask 022
ServerName "replaced.dyndns.org"
ServerIdent on "My FTP Server"
ServerAdmin replaced@...
IdentLookups off
UseReverseDNS off
Port 21
PassivePorts 29000 30000
MasqueradeAddress replaced.dyndns.org
TimesGMT off
MaxInstances 30
#MaxTransfersPerUser 10 10
MaxLoginAttempts 3
TimeoutLogin 300
TimeoutNoTransfer 600
TimeoutIdle 600
DisplayLogin welcome.msg
DisplayChdir .message
User nobody
Group nobody
DirFakeUser on nobody
DirFakeGroup on share
DefaultTransferMode binary
AllowForeignAddress off
AllowRetrieveRestart on
AllowStoreRestart on
DeleteAbortedStores off
TransferRate RETR 100
TransferRate STOR 100
TransferRate STOU 100
TransferRate APPE 100
SystemLog /var/log/secure
RequireValidShell off
<IfModule mod_auth_pam.c>
AuthPAM off
</IfModule>
AuthUserFile /etc/gadmin-proftpd/users/proftpd.passwd
AuthGroupFile /etc/gadmin-proftpd/users/proftpd.group
<IfModule mod_tls.c>
TLSEngine on
TLSRequired auth+data
TLSVerifyClient off
TLSProtocol SSLv23
TLSLog /var/log/proftpd_tls.log
TLSRSACertificateFile /etc/gadmin-proftpd/certs/cert.pem
TLSRSACertificateKeyFile /etc/gadmin-proftpd/certs/key.pem
TLSCACertificateFile /etc/gadmin-proftpd/certs/cacert.pem
TLSRenegotiate required off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
SaveRatios off
RatioFile "/restricted/proftpd_ratios"
RatioTempFile "/restricted/proftpd_ratios_temp"
CwdRatioMsg "Please upload first!"
FileRatioErrMsg "FileRatio limit exceeded, upload something first..."
ByteRatioErrMsg "ByteRatio limit exceeded, upload something first..."
LeechRatioMsg "Your ratio is unlimited."
</IfModule>

<Directory /home/share>
<Limit LOGIN>
  AllowUser replaceduser1
  AllowUser replaceduser2
  AllowUser replaceduser3
  DenyALL
</Limit>
<Limit LIST NLST  RETR  PWD XPWD  SIZE  STAT  CWD XCWD  CDUP XCUP >
 AllowAll
</Limit>
<Limit STOR STOU  APPE  RNFR RNTO  DELE  MKD XMKD SITE_MKDIR  RMD XRMD SITE_RMDIR  SITE  SITE_CHMOD  SITE_CHGRP  MTDM >
 DenyAll
</Limit>
</Directory>




Regards
Thomas

hmm ok, ... but the problem is/was about loggin-in ?

hmm, ic , hmmm ...should work.  think you've already done but:

-- check premisson of homedir  ( homedir , gid , uid from authuserfile.)


or try to use a different approach .. seems this authuserfile mechanism is
quite improoved... but has its downsides when not using gproftpd as
configuration utilitie you end up specifiing each <Directory>...

so in a simple virtualuser approach one could set the same home.directory
for user 1,2,3.... or use different uid/gid and then use fs premissions ....

...blahh .. .stop:  i must confess ... in the end i cannot help you any
further ... at least with this problem. building the latest source from cvs
would be the most effective solution i think.

greetings




2009/12/1 Thomas Böhne <tobox@...>

> On Tuesday 01 December 2009, Leutnant Steiner wrote:
> > ok, all i can say then is: in 1.3.3rc3 (CVS) , tls mysql works.
> >
> > just to make sure we are talking about virutal users and not virtual
> > servers ?
>
> Virtual users.
>
> > so it's mysql backend ?
>
> No, just a list of users in AuthUserFile.
>
> > can you post a config-example of what you are doing with the directory
> > directive and virtual users? and directives about the backend ...
> > in my setup i don't need directory directives for making that work ..
> > little confused now .... or do i miss something ?
>
> This is my complete config (usernames, passwords and groups are
> in separate files in /etc/gadmin-proftpd/users/ ):
>
> ModulePath /usr/lib/proftpd
> LoadModule mod_ctrls_admin.c
> LoadModule mod_tls.c
> LoadModule mod_radius.c
> LoadModule mod_quotatab.c
> LoadModule mod_quotatab_file.c
> LoadModule mod_quotatab_radius.c
> LoadModule mod_wrap.c
> LoadModule mod_rewrite.c
> LoadModule mod_load.c
> LoadModule mod_ban.c
> LoadModule mod_wrap2.c
> LoadModule mod_wrap2_file.c
> LoadModule mod_dynmasq.c
> LoadModule mod_ifsession.c
> ServerType standalone
> DefaultServer on
> Umask 022
> ServerName "replaced.dyndns.org"
> ServerIdent on "My FTP Server"
> ServerAdmin replaced@...
> IdentLookups off
> UseReverseDNS off
> Port 21
> PassivePorts 29000 30000
> MasqueradeAddress replaced.dyndns.org
> TimesGMT off
> MaxInstances 30
> #MaxTransfersPerUser 10 10
> MaxLoginAttempts 3
> TimeoutLogin 300
> TimeoutNoTransfer 600
> TimeoutIdle 600
> DisplayLogin welcome.msg
> DisplayChdir .message
> User nobody
> Group nobody
> DirFakeUser on nobody
> DirFakeGroup on share
> DefaultTransferMode binary
> AllowForeignAddress off
> AllowRetrieveRestart on
> AllowStoreRestart on
> DeleteAbortedStores off
> TransferRate RETR 100
> TransferRate STOR 100
> TransferRate STOU 100
> TransferRate APPE 100
> SystemLog /var/log/secure
> RequireValidShell off
> <IfModule mod_auth_pam.c>
> AuthPAM off
> </IfModule>
> AuthUserFile /etc/gadmin-proftpd/users/proftpd.passwd
> AuthGroupFile /etc/gadmin-proftpd/users/proftpd.group
> <IfModule mod_tls.c>
> TLSEngine on
> TLSRequired auth+data
> TLSVerifyClient off
> TLSProtocol SSLv23
> TLSLog /var/log/proftpd_tls.log
> TLSRSACertificateFile /etc/gadmin-proftpd/certs/cert.pem
> TLSRSACertificateKeyFile /etc/gadmin-proftpd/certs/key.pem
> TLSCACertificateFile /etc/gadmin-proftpd/certs/cacert.pem
> TLSRenegotiate required off
> </IfModule>
> <IfModule mod_ratio.c>
> Ratios off
> SaveRatios off
> RatioFile "/restricted/proftpd_ratios"
> RatioTempFile "/restricted/proftpd_ratios_temp"
> CwdRatioMsg "Please upload first!"
> FileRatioErrMsg "FileRatio limit exceeded, upload something first..."
> ByteRatioErrMsg "ByteRatio limit exceeded, upload something first..."
> LeechRatioMsg "Your ratio is unlimited."
> </IfModule>
>
> <Directory /home/share>
> <Limit LOGIN>
>  AllowUser replaceduser1
>  AllowUser replaceduser2
>  AllowUser replaceduser3
>  DenyALL
> </Limit>
> <Limit LIST NLST  RETR  PWD XPWD  SIZE  STAT  CWD XCWD  CDUP XCUP >
>  AllowAll
> </Limit>
> <Limit STOR STOU  APPE  RNFR RNTO  DELE  MKD XMKD SITE_MKDIR  RMD XRMD
> SITE_RMDIR  SITE  SITE_CHMOD  SITE_CHGRP  MTDM >
>  DenyAll
> </Limit>
> </Directory>
>
>
>
>
> Regards
> Thomas
>
>
> ------------------------------------------------------------------------------
> Join us December 9, 2009 for the Red Hat Virtual Experience,
> a free event focused on virtualization and cloud computing.
> Attend in-depth sessions from your desk. Your couch. Anywhere.
> http://p.sf.net/sfu/redhat-sfdev2dev
> _______________________________________________
> ProFTPD Users List   <proftpd-users@...>
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html
>



-- 
please don't send me word - documents (
http://www.gnu.org/philosophy/no-word-attachments.html)

On Tuesday 01 December 2009, Leutnant Steiner wrote:
> hmm ok, ... but the problem is/was about loggin-in ?

No, logging in worked, but after successful login the connection was closed.

Actually, I think TJ Saunders found the root of the problem (and a solution)

http://sourceforge.net/mailarchive/message.php?msg_name=20091130093311.BDL01663%40m1.imap-partners.net

I think this bug can be closed with the next release (of both the proftpd 
source and the corresponding debian package). Until then I will just stick 
with the old release.

Regards
Thomas