> >> I have a RedHat 7.2 system with xinetd configured to run wu-ftpd. Our > fire > >> wall does not allow the auth service through, so the user has to wait > 20-40 > >> seconds for it to time out before they can logon. I tried disabling this > >> for ftpd in the ftpaccess file with "timeout RFC931 0" > >> > >> This seems to have no affect. Anyone know how to tell ftpd not to use > the > >> auth service. > > > How do you know it does? Given the amount of anonymous ftp done, > partcularly by > > Windows boxes that dun't comprehend auth, and via Squid hides people from > any > > possible auth request it doesn't make sense to me that it would. > > This is on a linux to linux ftp. While the ftp connect is waiting, the > server > shows the following: > > [root@UNS root]# netstat -a > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign Address State > tcp 0 0 *:http *:* LISTEN > tcp 0 0 *:ftp *:* LISTEN > tcp 0 0 *:ssh *:* LISTEN > tcp 0 1 UNS.cdm.oclc.org:1025 ibml01.dev.oclc.or:auth SYN_SENT > tcp 0 0 UNS.cdm.oclc.org:ftp ibml01.dev.oclc.or:1092 > ESTABLISHED > tcp 0 48 UNS.cdm.oclc.org:ssh dhcp30-94.dev.oclc:4282 > ESTABLISHED > udp 0 0 *:syslog *:* > Active UNIX domain sockets (servers and established) > Proto RefCnt Flags Type State I-Node Path > unix 6 [ ] DGRAM 861 /dev/log > unix 2 [ ] DGRAM 1053 > unix 2 [ ] DGRAM 1023 > unix 2 [ ] DGRAM 995 > unix 2 [ ] DGRAM 873 > unix 2 [ ] STREAM CONNECTED 483 > > The auth connection goes away at the same time the ftp login prompt appears > at > the ftp client. I don't think that's a coincidence.
It's evidence, not proof. Here's what you should do;-) Run tcpdump. I installed wu-ftpd on my test machine (my wife thinks it's hers, but we know different;-)) I ran tcpdump thus: tcpdump -s 4096 -w ftp-auth host possum possum is the test machine. I tried various ways of looking at the dump and finished up with this: tcpdump -r ftp-auth -X -q | less There is indeed an auth request, and on my system a response. After some puzzling over this - I have identd installed but not running and nothing listening I decided the response means "connection refused." To be absolutely sure, I'd frig around and run wu-ftpd under strace. My guess is your firewall is dropping the packets instead of allowing the response. I suggest this is "Bad Behaviour" in your circumstances, and you might explain the trouble it causes to the firewall folks and see if they will remedy the problem. -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Note: mail delivered to me is deemed to be intended for me, for my disposition. ============================== If you don't like being told you're wrong, be right!
