LINUX.ORG.RU
ФорумAdmin

Медленное подключение к vsftpd

 


0

1

Здравствуйте. Установил и настроил на CentOS7 vsftpd. Вот конфиг

# Запуск сервера в режиме службы
listen=YES

# Работа в фоновом режиме
background=YES

# Имя pam сервиса для vsftpd
pam_service_name=vsftpd

# Входящие соединения контроллируются через tcp_wrappers
tcp_wrappers=YES

# Запрещает подключение анонимных пользователей
anonymous_enable=NO

# Каталог, куда будут попадать анонимные пользователи, если они разрешены
#anon_root=/ftp

# Разрешает вход для локальных пользователей
local_enable=YES

# Разрешены команды на запись и изменение
write_enable=YES

# Указывает исходящим с сервера соединениям использовать 20-й порт
connect_from_port_20=YES

# Логирование всех действий на сервере
xferlog_enable=YES
#xferlog_std_format=YES
log_ftp_protocol=YES

# Путь к лог-файлу
xferlog_file=/var/log/vsftpd.log

# Включение специальных ftp команд, некоторые клиенты без этого могут зависать
async_abor_enable=YES

# Локальные пользователи по-умолчанию не могут выходить за пределы своего домашнего каталога
chroot_local_user=YES

# Разрешить список пользователей, которые могут выходить за пределы домашнего каталога
chroot_list_enable=YES

# Список пользователей, которым разрешен выход из домашнего каталога
chroot_list_file=/etc/vsftpd/chroot_list

# Разрешить запись в корень chroot каталога пользователя
allow_writeable_chroot=YES

# Контроль доступа к серверу через отдельный список пользователей
userlist_enable=YES

# Файл со списками разрешенных к подключению пользователей
userlist_file=/etc/vsftpd/user_list

# Пользователь будет отклонен, если его нет в user_list
userlist_deny=NO

# Директория с настройками пользователей
user_config_dir=/etc/vsftpd/users

# Показывать файлы, начинающиеся с точки
force_dot_files=YES

# Маска прав доступа к создаваемым файлам
local_umask=022

##############################################################################
#local_root=/var/ftp
allow_writeable_chroot=YES

# определяем порты для пассивного режима
pasv_enable=YES
pasv_min_port=21000
pasv_max_port=21100

# включаем TLS
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
#implicit_ssl=YES
allow_anon_ssl=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
#ssl_sslv2=YES
#ssl_sslv3=YES
force_local_data_ssl=YES
force_local_logins_ssl=YES

Настройки файервола

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: dhcpv6-client ftp ssh
  ports: 21/tcp 20/tcp 21000-21100/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Если подключаюсь к ftp обычным клиентом, то подключение и открытие файлов происходит быстро. А если пытаюсь это сделать в 1С 8.3.20.1613, то файлы открываются долго. До 1 минуты. Ниже лог

"CWD obmen"
"250 Directory successfully changed."
"EPSV"
"229 Entering Extended Passive Mode (|||21072|)."
"TYPE I"
"200 Switching to Binary mode."
"SIZE 0004.jpg"
"213 358207"
"RETR 0004.jpg"
"150 Opening BINARY mode data connection for 0004.jpg

(vsFTPd 3.0.2)"
"AUTH SSL"
Proceed with negotiation."
"user"
"331 Please specify the password."
"PASS <password>"

"230 Login successful."
"PBSZ 0"
"200 PBSZ set to 0."
"PROT P"
"200 PROT now Private."
"PWD"
"257 "/""
"FEAT"
"211-Features:"
" AUTH TLS\x0D\x0A"
" EPRT\x0D\x0A"
" EPSV\x0D\x0A"
" MDTM\x0D\x0A"
" PASV\x0D\x0A"
" PBSZ\x0D\x0A"
" PROT\x0D\x0A"
" REST STREAM\x0D\x0A"
" SIZE\x0D\x0A"
" TVFS\x0D\x0A"
" UTF8\x0D\x0A"
"211 End"
"OPTS UTF8 ON"
"200 Always in UTF8 mode."
"PASV"
"227 Entering Passive Mode (10,128,0,22,82,13)."

(vsFTPd 3.0.2)"
"AUTH SSL"
Proceed with negotiation."
"user"
"331 Please specify the password."
"PASS <password>"

"230 Login successful."
"PBSZ 0"
"200 PBSZ set to 0."
"PROT P"
"200 PROT now Private."
"PWD"
"257 "/""
"FEAT"
"211-Features:"
" AUTH TLS\x0D\x0A"
" EPRT\x0D\x0A"
" EPSV\x0D\x0A"
" MDTM\x0D\x0A"
" PASV\x0D\x0A"
" PBSZ\x0D\x0A"
" PROT\x0D\x0A"
" REST STREAM\x0D\x0A"
" SIZE\x0D\x0A"
" TVFS\x0D\x0A"
" UTF8\x0D\x0A"
"211 End"
"OPTS UTF8 ON"
"200 Always in UTF8 mode."
"EPSV"
"229 Entering Extended Passive Mode (|||21029|)."
"TYPE A"
"200 Switching to ASCII mode."
"LIST"
"150 Here comes the directory listing."
"226 Directory send OK."
"CWD /"
"250 Directory successfully changed."
"CWD obmen"
"250 Directory successfully changed."
"EPSV"
"229 Entering Extended Passive Mode (|||21086|)."
"TYPE I"
"200 Switching to Binary mode."
"SIZE 0004.jpg"
"213 358207"
"RETR 0004.jpg"
"150 Opening BINARY mode data connection for 0004.jpg
"/obmen/0004.jpg", 358207 bytes, 969.73Kbyte/sec
"226 Transfer complete."
"QUIT"
"221 Goodbye."

vsftpd

14.12.21 17:50:38

2021 год

Может закопаете уже извращение над старым протоколом?

anonymous ()

Ниже лог

Без timestamp нифига не ясно на каком этапе затык. Так как FTP - открытый протокол(а об использовании FTPS речи не шло), нужен выхлоп tcpdump с метками времени для всего процесса соединения.

Pinkbyte ★★★★★ ()
Ответ на: комментарий от sasha198407

А я все равно ставлю на DNS. И как там прогресс с tcpdump?

router ★★★★★ ()
Tue Dec 14 12:27:36 2021 [pid 20591] CONNECT: Client "ip"
Tue Dec 14 12:27:36 2021 [pid 20591] FTP response: Client "ip", "220 (vsFTPd 3.0.2)"
Tue Dec 14 12:27:36 2021 [pid 20591] FTP command: Client "ip", "AUTH SSL"
Tue Dec 14 12:27:36 2021 [pid 20591] FTP response: Client "ip", "234 Proceed with negotiation."
Tue Dec 14 12:27:36 2021 [pid 20591] FTP command: Client "ip", "USER user"
Tue Dec 14 12:27:36 2021 [pid 20591] [user] FTP response: Client "ip", "331 Please specify the password."
Tue Dec 14 12:27:36 2021 [pid 20591] [user] FTP command: Client "ip", "PASS <password>"
Tue Dec 14 12:27:36 2021 [pid 20590] [user] OK LOGIN: Client "ip"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", "230 Login successful."
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP command: Client "ip", "PBSZ 0"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", "200 PBSZ set to 0."
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP command: Client "ip", "PROT P"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", "200 PROT now Private."
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP command: Client "ip", "PWD"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", "257 "/""
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP command: Client "ip", "FEAT"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", "211-Features:"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " AUTH TLS\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " EPRT\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " EPSV\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " MDTM\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " PASV\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " PBSZ\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " PROT\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " REST STREAM\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " SIZE\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " TVFS\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", " UTF8\x0D\x0A"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", "211 End"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP command: Client "ip", "OPTS UTF8 ON"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", "200 Always in UTF8 mode."
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP command: Client "ip", "PASV"
Tue Dec 14 12:27:36 2021 [pid 20592] [user] FTP response: Client "ip", "227 Entering Passive Mode (10,128,0,7,82,54)."
Tue Dec 14 12:27:57 2021 [pid 20596] CONNECT: Client "ip"
Tue Dec 14 12:27:57 2021 [pid 20596] FTP response: Client "ip", "220 (vsFTPd 3.0.2)"
Tue Dec 14 12:27:57 2021 [pid 20596] FTP command: Client "ip", "AUTH SSL"
Tue Dec 14 12:27:57 2021 [pid 20596] FTP response: Client "ip", "234 Proceed with negotiation."
Tue Dec 14 12:27:58 2021 [pid 20596] FTP command: Client "ip", "USER user"
Tue Dec 14 12:27:58 2021 [pid 20596] [user] FTP response: Client "ip", "331 Please specify the password."
Tue Dec 14 12:27:58 2021 [pid 20596] [user] FTP command: Client "ip", "PASS <password>"
Tue Dec 14 12:27:58 2021 [pid 20595] [user] OK LOGIN: Client "ip"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "230 Login successful."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "PBSZ 0"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "200 PBSZ set to 0."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "PROT P"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "200 PROT now Private."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "PWD"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "257 "/""
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "FEAT"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "211-Features:"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " AUTH TLS\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " EPRT\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " EPSV\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " MDTM\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " PASV\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " PBSZ\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " PROT\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " REST STREAM\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " SIZE\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " TVFS\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", " UTF8\x0D\x0A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "211 End"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "OPTS UTF8 ON"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "200 Always in UTF8 mode."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "EPSV"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "229 Entering Extended Passive Mode (|||21037|)."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "TYPE A"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "200 Switching to ASCII mode."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "LIST"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "150 Here comes the directory listing."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "226 Directory send OK."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "CWD /"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "250 Directory successfully changed."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "CWD dir/obmen/"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "250 Directory successfully changed."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "EPSV"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "229 Entering Extended Passive Mode (|||21049|)."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "TYPE I"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "200 Switching to Binary mode."
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "SIZE 0005.jpg"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "213 290033"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP command: Client "ip", "RETR 0005.jpg"
Tue Dec 14 12:27:58 2021 [pid 20597] [user] FTP response: Client "ip", "150 Opening BINARY mode data connection for 0005.jpg (290033 bytes)."

sasha198407 ()
Ответ на: комментарий от sasha198407
Tue Dec 14 12:28:28 2021 [pid 20599] CONNECT: Client "ip"
Tue Dec 14 12:28:28 2021 [pid 20599] FTP response: Client "ip", "220 (vsFTPd 3.0.2)"
Tue Dec 14 12:28:28 2021 [pid 20599] FTP command: Client "ip", "AUTH SSL"
Tue Dec 14 12:28:28 2021 [pid 20599] FTP response: Client "ip", "234 Proceed with negotiation."
Tue Dec 14 12:28:28 2021 [pid 20599] FTP command: Client "ip", "USER user"
Tue Dec 14 12:28:28 2021 [pid 20599] [user] FTP response: Client "ip", "331 Please specify the password."
Tue Dec 14 12:28:28 2021 [pid 20599] [user] FTP command: Client "ip", "PASS <password>"
Tue Dec 14 12:28:28 2021 [pid 20598] [user] OK LOGIN: Client "ip"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", "230 Login successful."
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP command: Client "ip", "PBSZ 0"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", "200 PBSZ set to 0."
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP command: Client "ip", "PROT P"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", "200 PROT now Private."
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP command: Client "ip", "PWD"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", "257 "/""
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP command: Client "ip", "FEAT"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", "211-Features:"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " AUTH TLS\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " EPRT\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " EPSV\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " MDTM\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " PASV\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " PBSZ\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " PROT\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " REST STREAM\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " SIZE\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " TVFS\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", " UTF8\x0D\x0A"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", "211 End"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP command: Client "ip", "OPTS UTF8 ON"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", "200 Always in UTF8 mode."
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP command: Client "ip", "PASV"
Tue Dec 14 12:28:28 2021 [pid 20600] [user] FTP response: Client "ip", "227 Entering Passive Mode (10,128,0,7,82,54)."
Tue Dec 14 12:28:50 2021 [pid 20602] CONNECT: Client "ip"
Tue Dec 14 12:28:50 2021 [pid 20602] FTP response: Client "ip", "220 (vsFTPd 3.0.2)"
Tue Dec 14 12:28:50 2021 [pid 20602] FTP command: Client "ip", "AUTH SSL"
Tue Dec 14 12:28:50 2021 [pid 20602] FTP response: Client "ip", "234 Proceed with negotiation."
Tue Dec 14 12:28:50 2021 [pid 20602] FTP command: Client "ip", "USER user"
Tue Dec 14 12:28:50 2021 [pid 20602] [user] FTP response: Client "ip", "331 Please specify the password."
Tue Dec 14 12:28:50 2021 [pid 20602] [user] FTP command: Client "ip", "PASS <password>"
Tue Dec 14 12:28:50 2021 [pid 20601] [user] OK LOGIN: Client "ip"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "230 Login successful."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "PBSZ 0"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "200 PBSZ set to 0."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "PROT P"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "200 PROT now Private."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "PWD"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "257 "/""
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "FEAT"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "211-Features:"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " AUTH TLS\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " EPRT\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " EPSV\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " MDTM\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " PASV\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " PBSZ\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " PROT\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " REST STREAM\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " SIZE\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " TVFS\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", " UTF8\x0D\x0A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "211 End"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "OPTS UTF8 ON"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "200 Always in UTF8 mode."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "EPSV"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "229 Entering Extended Passive Mode (|||21069|)."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "TYPE A"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "200 Switching to ASCII mode."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "LIST"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "150 Here comes the directory listing."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "226 Directory send OK."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "CWD /"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "250 Directory successfully changed."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "CWD dir/obmen"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "250 Directory successfully changed."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "EPSV"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "229 Entering Extended Passive Mode (|||21058|)."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "TYPE I"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "200 Switching to Binary mode."
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "SIZE 0005.jpg"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "213 290033"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP command: Client "ip", "RETR 0005.jpg"
Tue Dec 14 12:28:50 2021 [pid 20603] [user] FTP response: Client "ip", "150 Opening BINARY mode data connection for 0005.jpg (290033 bytes)."
Tue Dec 14 12:28:51 2021 [pid 20603] [user] OK DOWNLOAD: Client "ip", "dir/obmen/0005.jpg", 290033 bytes, 281.55Kbyte/sec
Tue Dec 14 12:28:51 2021 [pid 20603] [user] FTP response: Client "ip", "226 Transfer complete."
Tue Dec 14 12:28:53 2021 [pid 20603] [user] FTP command: Client "ip", "QUIT"
Tue Dec 14 12:28:53 2021 [pid 20603] [user] FTP response: Client "ip", "221 Goodbye."

Разбил лог на 2-е части, т.к. не влез в одно сообщение

sasha198407 ()
Ответ на: комментарий от sasha198407

Нужно сравнивать с логами tcpdump на стороне клиента, выглядит так, будто на клиенте задержка секунд 20 между «227 Entering Passive Mode» и последующим CONNECT(который похож на отвал по таймауту, так как начинает соединение заново).

Pinkbyte ★★★★★ ()

pam_service_name=vsftpd

А зачем тебе pam?

pacify ★★★★★ ()
Ответ на: комментарий от anonymous

Нормальный протокол. А что самое смешное, выгружать квитанции с 1C можно ток по нему, если я не ошибаюсь. Я работаю в проекте, где квитанции надо раскидывать по клиентам. Это crm. Разумеется, многие компании ведут свою отчётность в 1c. Ну так вот, приходится на уровне php поддерживать ftp, чтобы это работало. Такие вот дела.

u0000 ()
Ответ на: комментарий от sasha198407

сейчас обнаружил плюсом к этой проблеме еще одну. Если файл открылся один раз, то при повторном его открытии 1С пишет Ошибка открытия файла на FTP!!! А на сервере в логах

Wed Dec 15 11:25:02 2021 [pid 9672] [user] FAIL DOWNLOAD: Client "ip", "/dir/obmen/0004.jpg", 358207 bytes, 0.58Kbyte/sec
Wed Dec 15 11:25:02 2021 [pid 9672] [user] FTP response: Client "ip", "421 Data timeout. Reconnect. Sorry."

sasha198407 ()
Ответ на: комментарий от sasha198407

мамке своей поерничай. у тебя 1С 20 секунд пытается запустить Extended Passive Mode, что у него не получается (видимо) потому что никакого IPv6 у тебя нет. отключи EPSV а лучше вообще перейди на Active

anonymous ()
Ответ на: комментарий от thesis
Wed Dec 15 11:34:16 2021 [pid 9692] CONNECT: Client "ip"
Wed Dec 15 11:34:16 2021 [pid 9692] FTP response: Client "ip", "220 (vsFTPd 3.0.2)"
Wed Dec 15 11:34:16 2021 [pid 9692] FTP command: Client "ip", "AUTH TLS"
Wed Dec 15 11:34:16 2021 [pid 9692] FTP response: Client "ip", "234 Proceed with negotiation."
Wed Dec 15 11:34:16 2021 [pid 9692] FTP command: Client "ip", "USER user"
Wed Dec 15 11:34:16 2021 [pid 9692] [user] FTP response: Client "ip", "331 Please specify the password."
Wed Dec 15 11:34:16 2021 [pid 9692] [user] FTP command: Client "ip", "PASS <password>"
Wed Dec 15 11:34:16 2021 [pid 9691] [user] OK LOGIN: Client "ip"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "230 Login successful."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "SYST"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "215 UNIX Type: L8"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "FEAT"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "211-Features:"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " AUTH TLS\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " EPRT\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " EPSV\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " MDTM\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " PASV\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " PBSZ\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " PROT\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " REST STREAM\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " SIZE\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " TVFS\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", " UTF8\x0D\x0A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "211 End"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "OPTS UTF8 ON"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "200 Always in UTF8 mode."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "PBSZ 0"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "200 PBSZ set to 0."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "PROT P"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "200 PROT now Private."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "PWD"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "257 "/""
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "TYPE A"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "200 Switching to ASCII mode."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "PASV"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "227 Entering Passive Mode (10,128,0,22,82,38)."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "LIST -a"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "150 Here comes the directory listing."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "226 Directory send OK."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "PWD"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "257 "/""
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "CWD /.bash_logout"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "550 Failed to change directory."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "TYPE I"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "200 Switching to Binary mode."
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "SIZE /.bash_logout"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "213 18"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP command: Client "ip", "MDTM /.bash_logout"
Wed Dec 15 11:34:16 2021 [pid 9693] [user] FTP response: Client "ip", "213 20211124163326"
Wed Dec 15 11:34:47 2021 [pid 9693] [user] FTP command: Client "ip", "PWD"
Wed Dec 15 11:34:47 2021 [pid 9693] [user] FTP response: Client "ip", "257 "/""
sasha198407 ()
Ответ на: комментарий от sasha198407
ИмяFTPСервера               = "ip";
        ПортFTPСоединения           = 21;
        //

        ПользовательFTPСоединения   = "user" ;
        ПарольFTPСоединения         =  "passwd" ;
        ПассивноеFTPСоединение      =  Истина;
        ЗащищенноеСоединение = Новый ЗащищенноеСоединениеOpenSSL();
        Соединение = Новый FTPСоединение(ИмяFTPСервера, ПортFTPСоединения, ПользовательFTPСоединения, ПарольFTPСоединения,, ПассивноеFTPСоединение,,ЗащищенноеСоединение, УровеньИспользованияЗащищенногоСоединенияFTP.Требовать)

это настройки в 1С

sasha198407 ()
Ответ на: комментарий от sasha198407

Итого, быстрый клиент:
«227 Entering Passive Mode (10,128,0,22,82,38).»
Медленный клиент:
«227 Entering Passive Mode (10,128,0,7,82,54).»

Возникает вопрос, почему айпишники серверов разные.

thesis ★★★★★ ()
Ответ на: комментарий от sasha198407

Ответ сервера на PASV - это строка с айпишником и портом сервера, куда он ждет подключения для передачи данных. У тебя в логе 1с айпишник не такой, как в логе «быстрого» клиента.

thesis ★★★★★ ()
Ответ на: комментарий от sasha198407

А на сервере сколько айпишников настроено? Вообще мне лень думать, уходить надо, поэтому попробуй сунуть в конфиг pasv_address=айпишник_сервера_который_надо_юзать и сравни ответы клиентам на PASV еще раз.

thesis ★★★★★ ()
Ответ на: комментарий от thesis

Да нет. Это просто я тупанул. Проблема обнаружилась на боевом сервере и я скинул лог медленного соединения с боевого сервера. Потом развернул другой сервер (что б боевой «не колупать»), на нем проблема повторяется и когда попросили лог быстрого подключения. то я по запаре скинул лог уже тестового сервера. Ниже лог медленного соединения с тестового сервера. Ну если честно, то он не особо отличается от лога с боевого.

Wed Dec 15 12:02:54 2021 [pid 9728] CONNECT: Client "ip"
Wed Dec 15 12:02:54 2021 [pid 9728] FTP response: Client "ip", "220 (vsFTPd 3.0.2)"
Wed Dec 15 12:02:54 2021 [pid 9728] FTP command: Client "ip", "AUTH SSL"
Wed Dec 15 12:02:54 2021 [pid 9728] FTP response: Client "ip", "234 Proceed with negotiation."
Wed Dec 15 12:02:54 2021 [pid 9728] FTP command: Client "ip", "USER user"
Wed Dec 15 12:02:54 2021 [pid 9728] [user] FTP response: Client "ip", "331 Please specify the password."
Wed Dec 15 12:02:54 2021 [pid 9728] [user] FTP command: Client "ip", "PASS <password>"
Wed Dec 15 12:02:54 2021 [pid 9727] [user] OK LOGIN: Client "ip"
Wed Dec 15 12:02:54 2021 [pid 9729] [user] FTP response: Client "ip", "230 Login successful."
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP command: Client "ip", "PBSZ 0"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", "200 PBSZ set to 0."
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP command: Client "ip", "PROT P"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", "200 PROT now Private."
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP command: Client "ip", "PWD"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", "257 "/""
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP command: Client "ip", "FEAT"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", "211-Features:"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " AUTH TLS\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " EPRT\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " EPSV\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " MDTM\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " PASV\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " PBSZ\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " PROT\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " REST STREAM\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " SIZE\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " TVFS\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", " UTF8\x0D\x0A"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", "211 End"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP command: Client "ip", "OPTS UTF8 ON"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", "200 Always in UTF8 mode."
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP command: Client "ip", "PASV"
Wed Dec 15 12:02:55 2021 [pid 9729] [user] FTP response: Client "ip", "227 Entering Passive Mode (10,128,0,22,82,31)."
Wed Dec 15 12:03:16 2021 [pid 9731] CONNECT: Client "ip"
Wed Dec 15 12:03:16 2021 [pid 9731] FTP response: Client "ip", "220 (vsFTPd 3.0.2)"
Wed Dec 15 12:03:16 2021 [pid 9731] FTP command: Client "ip", "AUTH SSL"
Wed Dec 15 12:03:16 2021 [pid 9731] FTP response: Client "ip", "234 Proceed with negotiation."
Wed Dec 15 12:03:16 2021 [pid 9731] FTP command: Client "ip", "USER user"
Wed Dec 15 12:03:16 2021 [pid 9731] [user] FTP response: Client "ip", "331 Please specify the password."
Wed Dec 15 12:03:16 2021 [pid 9731] [user] FTP command: Client "ip", "PASS <password>"
Wed Dec 15 12:03:16 2021 [pid 9730] [user] OK LOGIN: Client "ip"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "230 Login successful."
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP command: Client "ip", "PBSZ 0"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "200 PBSZ set to 0."
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP command: Client "ip", "PROT P"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "200 PROT now Private."
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP command: Client "ip", "PWD"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "257 "/""
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP command: Client "ip", "FEAT"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "211-Features:"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " AUTH TLS\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " EPRT\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " EPSV\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " MDTM\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " PASV\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " PBSZ\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " PROT\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " REST STREAM\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " SIZE\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " TVFS\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", " UTF8\x0D\x0A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "211 End"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP command: Client "ip", "OPTS UTF8 ON"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "200 Always in UTF8 mode."
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP command: Client "ip", "EPSV"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "229 Entering Extended Passive Mode (|||21063|)."
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP command: Client "ip", "TYPE A"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "200 Switching to ASCII mode."
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP command: Client "ip", "LIST"
Wed Dec 15 12:03:16 2021 [pid 9732] [user] FTP response: Client "ip", "150 Here comes the directory listing."
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP response: Client "ip", "226 Directory send OK."
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP command: Client "ip", "CWD /"
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP response: Client "ip", "250 Directory successfully changed."
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP command: Client "ip", "CWD dir/obmen"
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP response: Client "ip", "250 Directory successfully changed."
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP command: Client "ip", "EPSV"
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP response: Client "ip", "229 Entering Extended Passive Mode (|||21003|)."
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP command: Client "ip", "TYPE I"
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP response: Client "ip", "200 Switching to Binary mode."
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP command: Client "ip", "SIZE 0005.jpg"
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP response: Client "ip", "213 257106"
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP command: Client "ip", "RETR 0005.jpg"
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP response: Client "ip", "150 Opening BINARY mode data connection for 0005.jpg (257106 bytes)."
Wed Dec 15 12:03:17 2021 [pid 9732] [user] OK DOWNLOAD: Client "ip", "/dir/obmen/0005.jpg", 257106 bytes, 530.56Kbyte/sec
Wed Dec 15 12:03:17 2021 [pid 9732] [user] FTP response: Client "ip", "226 Transfer complete."
Wed Dec 15 12:03:18 2021 [pid 9732] [user] FTP command: Client "ip", "QUIT"
Wed Dec 15 12:03:18 2021 [pid 9732] [user] FTP response: Client "ip", "221 Goodbye."

Извиняюсь за эту неразбериху. Просто в голове уже кавардак.

sasha198407 ()
Ответ на: комментарий от sasha198407

Ай, да все фигня. Надо запускать по сниферу с каждой стороны и прямо в процессе подключения смотреть, с какой стороны и когда именно возникает этот двадцатисекундный затык на установке второго соединения. Это самое простое и ленивое, что можно сделать.

thesis ★★★★★ ()

Решил. Сервер, который я развернул располагается в яндекс облаке. У их ВМ есть 2 IP - это внутренний (ip самого сервера) и внешний(ip через который сервер смотрит в мир). И как я понял, внешний IP находится не на самой машине, а это адрес, грубо говоря, роутера и собственно трафик из мира натится с внешнего IP на внутренний. В общем прописал в vsftpd pasv_address=<внешний IP-адрес> . Теперь быстро открывает. Всем спаибо за участие и полезные мысли.

sasha198407 ()
Последнее исправление: sasha198407 (всего исправлений: 1)
Для того чтобы оставить комментарий войдите или зарегистрируйтесь.